Foreigner Singapore 2FA

Not complete despite auto registration

I'm keen on two factor authentication (2FA) to improve account security. I use Google Authenticator and I must have ported over about 10 accounts to it.

So when Singapore government online identity system "Singpass" announced they are making 2FA mandatory, I was fine with it.

But after looking into it and effectively being locked out my account since I was not registered by a deadline, I have a bitter taste in my mouth about it.

There is so much confusing information online. This is what I wish I knew as Employment Pass (EP) holder.


To conclude my registration issues came down to my PIN not being issued to me. I switched jobs in June and I think that may have caused the confusion over a period of a month.

So once registering with 2FA and logging in a "OTP" is sent over SMS. My number was correct at the beginning of the process so I am not quite sure what were the merits of going through this error prone PIN mailer process.

I believe you can upgrade for 10 or 20 dollars to a physical token instead of receiving an insecure SMS which obviously will never work when abroad, but I'm really not motivated to upgrade. Especially when I know virtual 2FA via Google Authenticator is the sane way to do it.

All & all a very poor experience with Singapore's Government Technology Agency (GovTech).


If you like this, you might like the stateless Web kiosk software I develop. Webconverger typically replaces Windows on PCs and is deployed in public and business environments for ease of deployment and privacy. Once installed it auto-updates making it painless to maintain. Try it where you exclusively use the only viable open platform... the Web!