on this page
Watch this video to learn how to protect against scams.
Read more advice and information about how to protect yourself online on the Australian Cyber Security Centre website.
Verbal passwords
You can setup a verbal password on your Centrelink, Medicare, and Child Support records. You can phone us or visit a service centre to have the password added. This puts an extra layer of security on your record.
We will ask for your verbal password when completing a security check. You must give your verbal password to us whenever you speak with a Service Officer over the phone or in person.
Online services
If you think your identity has been compromised, we can lock your online access, phone self-service and Express Plus apps. This may help prevent unauthorised access to your records. You need to phone us or visit a service centre in person to have these locks applied.
We may write to you if we notice there’s been unauthorised activity in your online account.
This can happen when criminals use your personal information to gain access to your account to conduct fraud, for example by claiming or redirecting payments.
We have security measures in place to prevent and detect this type of activity.
If we send you a letter about unauthorised activity in your Centrelink online account, check your personal details are correct. To do this:
- Sign in to myGov.
- Go to My details in the menu.
- Select My profile.
You should also review your recent payments and claims. To do this:
- Select Payments and claims.
- Select My payments.
- Check the bank account number is correct and belongs to you.
- Check your past payments by selecting View payment history.
- Review recent claims by selecting My online claims.
You should call us if either:
- you can’t sign into your online account
- information in your online account is incorrect or has changed.
We may also tell the Office of the Australian Information Commissioner under the Privacy Act 1988. For information about the help they provide and how they investigate possible data breaches, read more on the Office of the Australian Information Commissioner website.
Multi-factor authentication
Multi-factor authentication is one of the strongest ways to protect yourself online and make it harder for scammers to access your online accounts. It involves receiving a code through text message or a code generator app or setting up secret questions and answers.
We call this a second sign in option for your myGov account.
Read more about how to change your second sign in option on the myGov website.
Passkeys
Passkeys are a more secure alternative to passwords.
A passkey lets you use the security features on your phone, computer or tablet to sign in to apps and websites. Passkeys can be:
- biometrics, such as fingerprint recognition or facial recognition
- screen lock, such as a PIN or swipe pattern
- a physical security key.
Find out how to create a Passkey in your myGov account on the myGov website.
Code by SMS
You can use a 6 digit code sent to you by SMS as your second sign in option for myGov.
Read more about how to use a code sent by SMS on the myGov website.
myGov Code Generator app
The myGov Code Generator app creates codes you can use as your second sign in option. This adds an extra layer of protection separate from your mobile phone or email address.
The myGov Code Generator app is available from the App Store and Google Play, for free.
Read more about how to use the myGov Code Generator app on the myGov website.
Secret questions and answers
Your secret questions and answers were created when you set up your myGov account for the first time. You can use these questions and answers as your second sign in option.
Read more about how to use secret questions and answers on the myGov website.