New Delhi, Dec 22 (PTI) The Income Tax Department has warned taxpayers against sharing their user ID and password with any unauthorised person, saying they too will be liable to face consequences for misuse of their confidential information.
In an advisory to taxpayers, the department's TDS (Tax
Deducted at Source) Centralised Processing Cell (CPC) told assessees that their
"user ID and password are the most sensitive information, misuse of which
can lead to tampering of confidential TDS-related information, your own
sensitive data and deductee-related confidential information".It further
said that "if a password is hacked or stolen, it can result in information
security breach, leading to undesirable consequences, including privacy
violations".
It asked taxpayers to exercise caution in use of log-in
credentials at TRACES, which should not bedisclosed to any unintended or
unauthorised individual. "If shared, the person using login credentials
shall also be liable to consequences," it added.
TDS Reconciliation Analysis and Correction Enabling
System (TRACES) helps easy filing of tax deducted at source (TDS) or tax
collected at source (TCS) correction statements by deductors/collectors and
related functionalities.
The taxman asked users to secure their password with at
least eight characters in length and a combination of lower case, upper case,
numeric and special characters.
"Do not write your password on notepads or the
whiteboard at your desk," it cautioned.
"Keeping sensitive information such as passwords in
e-mails, folders and files in the computer can be risky. If the e-mail or
computer account is hacked, then the perpetrator could misuse the passwords,
steal money from your bank accounts, misuse your e-mail account or credit/debit
card to access sensitive information from your machine," it said.
It has also asked users not to use the same password for
different accounts. "Using the same password for more than one account is
similar to carrying one key that unlock your house, car, office and safety
deposit box. One lost key could let a mischievous unauthorised user unlock all
doors," the department warned.
It went on to advise against sharing log-in credentials
as also using the login credentials of any person other than the authorised one
appointed by the deductor for carrying out any activity on TRACES.
"You are requested to similarly treat Digital
Signature Certificate with utmost security, as the user ID and password on
TRACES," it said.
