SINGAPORE - SingPass users who have not registered for two-factor authentication (2FA) will have more time to do so, the Infocomm Development Authority (IDA) said in a statement today (July 4).
It was previously announced that 2FA would be compulsory from July 5 this year for all sensitive e-transactions with government bodies such as the Central Provident Fund Board and Inland Revenue Authority of Singapore.
2FA is a process that uses a randomly generated one-time password delivered via SMS or a token, which must be entered on top of the usual login requirements.
400,000 of the 2 million regular SingPass users - those who log in more than once a year - have yet to register for 2FA, the IDA said. There are currently 3.3 million SingPass users in total.
To "minimise disruption and provide flexibility" to those who have not signed up for 2FA, the IDA will be giving these users an additional 30 days from the day they log in after the original July 5 deadline.
This means that different users will have different due dates to set up their 2FA, depending on when they log in for the first time after July 5.
"This one-time grace period helps to minimise disruption and provide flexibility to different users who have not set up their 2FA and need to perform urgent e-transactions," IDA assistant chief executive Chan Cheow Hoe said.
"However, the security of user accounts remains our priority. We will monitor the take-up rate of the remaining regular users before removing the grace period," he added.
SingPass users can refer to the IDA's FAQs or to the video guide below for more information on registering for 2FA.