28 July 2012
Editor, Voices
Today Paper
I refer to the report "Singaporeans putting their online accounts at risk" in Today
paper.
It quoted a survey by an IT solutions company Assurity Trusted Solutions that many users do
not adopt security measures, such as changing their passwords at regular intervals.
I wish to give my views about IT security, so that the website administrators and regulators do not go
overboard in addressing this issue:
overboard in addressing this issue:
- Many online accounts, especially those used for social networking,
do not contain critical information - It is not practical to ask users to change their passwords at regular intervals, as they have to
maintain several dozen online accounts - For transactions that have financial or legal impact, it is sufficient to use a second factor
authentication, or to ask the user to enter a second password.
There is still the risk of unauthorized hacking into online accounts that do not have a high level of
security. It is better to clarify that hacking is a criminal activity, similar to a burglar entering
into a private residence. Many hackers may not be aware that they could be charged for this crime.
Tan Kin Lian