Personal information security

There are a number of ways to protect your information and reduce the risk of a scam.

You can reduce the risks of being scammed by taking steps to secure your personal information.

Use strong passwords or passphrases

Using weak passwords is a threat to your online security. If you use the same password on multiple accounts you're at risk of being hacked.

One of the best ways to stay safe online is to use multiple strong passwords. An even better option is to use passphrases.

A passphrase should be hard for someone to guess. It shouldn’t include any personal details, like your birthday or pin numbers. It should have:

  • at least 15 characters
  • upper and lower case letters
  • numbers
  • at least one punctuation character.

‘Welike2holidayonthem00n!’ is an example of a strong passphrase. It’s longer than a typical password, and easy to remember.

Remember to change your passwords regularly.

Use secure wi-fi networks

Be aware that using an unsecure wi-fi network can put your personal and financial details at risk.

Public wi-fi in shopping centres, hotels, airports and even cafes can be targets for scammers. Scammers can set up wi-fi hotspots in order to steal passwords, usernames and credit card details.

Try to avoid using hotspots managed by people or organisations you don’t know. You should:

  • use password protected hotspots
  • check the privacy and security clauses before agreeing to the terms of use
  • look for ‘https’ and a padlock in the website and address
  • use only secure connections
  • turn off file sharing and location services
  • consider installing a virtual private network (VPN) on your device, which will create a secure connection.

Remember to hide details on your screen when using a computer or mobile device in public.

If you’re using a public computer, remember to sign out of your online accounts and close the browser.

Keep software updated

Keep your computer networks and mobile devices secure with security software.

Your mobile devices will have regular software updates. These include fixing vulnerabilities. Updating your software will give you the best protection possible.

Your desktop computer should always have reputable virus checking software running.

You should also keep your sign in details private. Protect your mobile device with a password, and set your device to lock after a short period of inactivity.

If you’re using a public computer, keep your personal information hidden. Remember to sign out of your online accounts and close the browser.

Use two-factor authentication

Two-factor authentication is an extra layer of security for your online accounts. It’s an extra step on top of your password that makes it harder for people to access your accounts.

The most common use of two-factor authentication is using a code sent via SMS to your phone.

Using strong passwords as well as two-factor authentication makes it harder for scammers to access your accounts. That is because the person would also need access to something else, like the unique code.

You can use a security code for your myGov account. It’s a quick and secure way to sign in to your account. Read more about myGov security codes.

Secure your mailbox and rubbish bin

Some scams start with people taking mail from mailboxes or rubbish bins. Once people get information about the companies you usually deal with, they can use it as a scam. They can also get your personal and banking details, or intercept bank cards or cheques. It’s a good idea to secure your mailbox with a lock. You can redirect your mail when you move or go away for long periods.

Use tools and resources to improve information security

There are a number of useful tools and resources that help you stay safe online.

Password managers are apps that keep your passwords safe. With these, you only need to remember one password, which is the one that opens your password manager.

For landline phones, ask your phone provider if they have a tool that can help you screen calls.

Find more tips on staying safe from scammers on ScamWatch.

Page last updated: 30 September 2019