Advisory Note

Your SingPass account contains a lot of personal data. Please do not share your username, password and 2FA details (SMS or Token OTPs) .

About Us

Launched in March 2003,Singapore Personal Access (or SingPass) is a gateway to hundreds of e-services provided by more than 60 government agencies. Users only have to remember one password when connecting and transacting with the Government.

Managed by the Government Technology Agency (GovTech), the SingPass system is reviewed regularly and there are many on-going security enhancements to ensure that a secure SingPass service is delivered to its users.

Examples of some measures taken over the years to better protect users' personal information:
  • Users will be prompted to change passwords to stronger ones every two years.
  • Passwords of accounts that are inactive for more than three years will be reset to ensure that users with dormant accounts are not unnecessarily exposed to cyber threats.
  • After three failed login attempts, users will be asked to key in a randomly-generated security code to mitigate brute force attacks on login.
  • Any changes made to the account holder's key personal information will trigger a notification letter,which will be sent to the user’s registered address to verify this change.

To better meet users’ needs, the enhanced SingPass system was launched in July 2015 to include an improved user interface, mobile-friendly features and stronger security capabilities, such as 2-Step Verification (also known as 2FA), for government e-transactions involving sensitive data.

With 2FA, users will be required to enter a One-Time Password (OTP) sent via SMS, or generated through a OneKey token. This is in addition to their SingPass username and password, thus better protecting their personal information.

To enjoy the enhanced features, users simply need to complete the following steps:
  1. Provide and verify mobile number and email address
  2. Users are to select their preferred mode of contact (SMS or email). This is so that they can receive notifications whenever changes are made to their key account information (e.g. password, mobile number).

  3. Set up 2-Step Verification(2FA)
  4. To better protect their personal data, SingPass 2FA is required for transactions involving sensitive data, such as filing taxes and viewing CPF statements.

    To set up their SingPass 2FA, users will need to:
    • Log in to their SingPass account and follow the instructions on the screen to register for 2FA.

    • Wait for a PIN mailer to arrive at their registered address (it may take up to seven and 10 working days for local and overseas addresses respectively).

    • Follow the instructions in the PIN mailer to activate 2FA. Once completed, their 2FA setup is complete.

Together, everyone can enjoy a safe and secure SingPass.

Click here to read SingPass Terms of Use.

*IDA has been restructured to form GovTech on 1 October 2016. SingPass is now managed by GovTech.

Go Back to Top