Many complacent about online passwords: Survey

When it comes to cyber security, Singaporeans appear to be creatures of habit and prefer to stick to the same old passwords.

While most indicated in a government survey they had adopted the two-factor authentication (2FA) process, they appeared casual with their passwords.

A public awareness survey by the Cyber Security Agency of Singapore (CSA) showed that one in three respondents last year continued to store their passwords in their computer; wrote them down; and used the same password for work and personal accounts.

Also, between 50 and 70 per cent of respondents either did not change their passwords or did so only when prompted by their different online accounts, including cloud-based services, and online shopping and social media accounts. Some 60 per cent even adopted the same habit when it came to their online banking accounts, marginally higher than in 2016 when it was 58 per cent.

The survey sought to measure the public's awareness and adoption of cyber hygiene practices, to better help in developing initiatives to bridge knowledge gaps, said the CSA. Data was collected online from 2,035 respondents.

The good news was that more people appeared to be aware of 2FA and had utilised the extra step to secure their accounts.

The survey showed a six percentage point drop in the number of respondents who were "not sure" of the authentication process, from 10 per cent in 2016.


And nearly eight in 10 indicated that they had enabled 2FA for either some or all of their accounts, up from 66 per cent in 2016.

In order to encourage the adoption of good cyber security practices, the CSA launched its second public awareness campaign, Cyber Tips 4 You, yesterday. It will showcase a series of online videos, advertisements and posters.

"Cyber threats show no sign of abating. While we will continue to provide cyber security understanding and know-how to the community, we must recognise that we all have a part to play to protect ourselves online and not fall prey to cyber criminals," said CSA chief executive David Koh.

Correction note: An earlier version of this story said data was collected online from 2,305 respondents. It should be 2,035. We are sorry for the error. 

A version of this article appeared in the print edition of The Straits Times on April 24, 2018, with the headline 'Many complacent about online passwords: Survey'. Print Edition | Subscribe