Advisory Note

Your SingPass account contains a lot of personal data. Please do not share your username, password and 2FA details (SMS or Token OTPs) .

About Us


Launched in March 2003,Singapore Personal Access (or SingPass) is a gateway to hundreds of e-services provided by more than 60 government agencies. Users only have to remember one password when connecting and transacting with the Government.

Managed by the Government Technology Agency (GovTech), the SingPass system is reviewed regularly and there are many on-going security enhancements to ensure that a secure SingPass service is delivered to its users.

Examples of some measures taken over the years to better protect users' personal information:
  • Users will be prompted to change passwords to stronger ones every two years.
  • Passwords of accounts that are inactive for more than three years will be reset to ensure that users with dormant accounts are not unnecessarily exposed to cyber threats.
  • After three failed login attempts, users will be asked to key in a randomly-generated security code to mitigate brute force attacks on login.
  • Any changes made to the account holder's key personal information will trigger a notification letter,which will be sent to the user’s registered address to verify this change.

To better meet users’ needs, the enhanced SingPass system was launched in July 2015 to include an improved user interface, mobile-friendly features and stronger security capabilities, such as 2-Step Verification (also known as 2FA), for government e-transactions involving sensitive data.

With 2FA, users will be required to enter a One-Time Password (OTP) sent via SMS, or generated through a OneKey token. This is in addition to their SingPass username and password, thus better protecting their personal information.

To enjoy the enhanced features, users simply need to complete the following steps:
  1. Complete a one-time account update
  2. For users who log into their SingPass account for the first time after 5th July 2015, they will automatically be prompted to:
    • Provide and verify mobile number and email address
    • Users are to select their preferred mode of contact (SMS or email) so that they will receive SMS or email notifications whenever changes are made to their SingPass profile (e.g. password, mobile number, SingPass ID).

    • Set up security questions and answers
    • Users will be prompted to set up at least two security questions and answers.This is so that they can reset their passwords online easily by answering the security question correctly.
  3. Set up 2-Step Verification(2FA)
  4. SingPass 2-Step Verification (2FA) helps to better protect your personal data. 2FA is required when you perform sensitive government e-transactions, such as filing taxes and viewing CPF statements.

    To set up their SingPass 2FA, users will need to:

    • Register for SMS or OneKey Token via the SingPass website
    • Users can log into their SingPass account and click “Set Up 2-Step Verification (2FA)” under the Quick Links section. They can choose to receive OTPs via SMS or generate them through a OneKey token.

      Upon successful registration, a PIN mailer will be sent to their registered address within seven working days for them to activate their 2FA.

    • Activate 2FA using PIN mailer password
    • Users can send the activation code in the PIN mailer to 78111 via SMS, or log into Assurity’s website (https://portal.assurity.sg/activate) using their NRIC and the password in the PIN mailer to activate their 2FA.

      Upon successful activation, their SingPass 2FA setup is complete and they will go through a 2-step login process when performing government e-transactions involving sensitive data.

Together, everyone can enjoy a safe and secure SingPass.

Click here to read SingPass Terms of Use.

*IDA has been restructured to form GovTech on 1 October 2016. SingPass is now managed by GovTech.

Go Back to Top