Password Tips

Keeping your details secure

Ensuring that your accounts and devices are secured by a password or PIN is key to keeping your data safe.  To ensure the security of your passwords:

  • never write down or share your password;
  • create strong and unique passwords for all your sites and devices;
  • use different passwords for every site that you use a password for;
  • use password managers (such as LastPass and 1Password) to store all the different strong passwords that you create; and
  • wherever possible, use multi-factor authentication (like SMS confirmation codes for login) for your accounts.

How to create a strong password

Creating a strong password is extremely important.  Improvements in computer processing technology have increased the number of password combinations a hacker can use to crack your passwords (up to 200,000 combinations per second).

Below, you will find some information on what constitutes a strong password, and some things to avoid when you are creating a password.

  • Predictability – Strong passwords should use a range of characters in various sets (i.e. numbers, symbols, lowercase and capital letters) in order to increase the number of possible combinations and reduce the predictability of a password – “3D6BeC5Mdspc4g” is a better password than “mybirthday”.
  • Length – Passwords should be a minimum of 12 characters for all accounts to increase the number of possible combinations for your password – that way it will take a hacker longer to try all the possible combinations.
  • Avoid Common Words – It is easier for a hacker’s computer to guess words like “password” or variations on standard dictionary words.
  • Make It Memorable – ‘Passphrases’ with varied characters are a clever way to create strong, memorable passwords.  Here are some examples. 
    • ‘June School Holidays’ can be modified to 7un3Schoo1Ho!idays.
    • ‘I like Australian red wine’ can be modified to Ilike0zzieR3dwine.
    • ‘Be good, be wise’ can be modified to B3g00db3wi5e$.

Do I need to change my password regularly?

Changing your password at regular intervals (e.g. every 3-6 months) is a good practice to keep your accounts secure. However, the strength of the passwords you use is more important.

The longer and more varied your password, the more possible combinations exist, which means the need to change your password regularly is reduced. The focus should be on creating longer, stronger passwords less frequently, as opposed to creating weak passwords often. Of course, creating strong passwords and changing these regularly is ideal, however you must be able to remember them.  This is where password managers (like LastPass and 1Password) can help.