New Delhi, December 23: In an advisory to taxpayers, the department's TDS Tax Deducted at Source Centralized Processing Cell CPC told assesses that their "user ID and password are the most sensitive information. Misuse of this information can lead to interfering of confidential TDS-related information, your own sensitive data and deductee-related confidential information".
The income tax department cautioned taxpayers that sharing their confidential information like user ids and password with unauthorized person; they too will be liable to face consequences for its misuse.
"If a password is hacked or stolen, it can result in information security breach, leading to undesirable consequences, including privacy violations," it added.
It asked taxpayers to exercise caution in use of log-in credentials at TRACES, which should not be disclosed to any unintended or unauthorized individual. "If shared, the person using login credentials shall also be liable to consequences," it added.
TDS Reconciliation Analysis and Correction Enabling System or TRACES helps easy filing of tax deducted at source TDS or tax collected at source TCS correction statements by deductors and collectors and related functionalities.
The taxman asked users to secure their passwords with at least eight characters in length and a combination of lower case, upper case, numeric and special characters."Do not write your password on notepads or the whiteboard at your desk," it cautioned.
"Keeping sensitive information such as passwords in e-mails, folders and files in the computer can be risky. If the e-mail or computer account is hacked, then the perpetrator could misuse the passwords, steal money from your bank accounts, misuse your e-mail account or credit/debit card to access sensitive information from your machine," it said.
It has also asked users not to use the same password for different accounts. "Using the same password for more than one account is similar to carrying one key that unlock your house, car, office and safety deposit box. One lost key could let a mischievous unauthorized user unlock all doors," the department warned.
It went on to advice against sharing of log-in credentials as also using the login credentials of any person other than the authorized one appointed by the deductor for carrying out any activity on TRACES.
"You are requested to similarly treat Digital Signature Certificate with utmost security, as the user ID and password on TRACES," it said.