Password Tips

Keeping your details secure

Ensuring that your accounts and devices are secured by a password or PIN is key to keeping your data safe.  To ensure the security of your passwords:

  • never write down or share your password;
  • create strong and unique passwords for all your sites and devices;
  • use different passwords for every site that you use a password for;
  • use password managers (such as LastPass and 1Password) to store all the different strong passwords that you create; and
  • wherever possible, use multi-factor authentication (like SMS confirmation codes for login) for your accounts.

How to create a strong password

Creating a strong password is extremely important. With improvements in modern technology have come methods to increase the number of password combinations a hacker can use to crack your passwords – some can check billions per second!

Below you will find some information on what constitutes a strong password and some things to avoid when creating these:

  • Length – The main factor in determining the strength of your password is length – the longer it is, the stronger it is! Passwords should be a minimum of 12 characters for all accounts to increase the number of possible combinations for your password
  • Predictability – Strong passwords should use a range of characters in various sets (i.e. numbers, symbols, lowercase and capital letters) in order to increase the number of possible combinations and reduce the predictability of a password. You can even include spaces in your passwords!
  • Avoid Common Words – Try to avoid using common dictionary words when creating your passphrase. Words such as Password or variations on standard dictionary words are easily guessed by hacker – a random word or phrase generator might assist here.
  • Make It Memorable – ‘Passphrases’ with varied characters are a clever way to create strong, memorable passwords. Your passphrase should comprise at least four words. Some examples are:
    • ‘June School Holidays’ can be modified to 7un3Schoo1Ho!idays.
    • ‘I like Australian red wine’ can be modified to Ilike0zzieR3dwine.
    • ‘Be good, be wise’ can be modified to B3g00db3wi5e$.

Do I need to change my password regularly?

Not necessarily. If the initial password you create is strong then you should have no reason to change the password unless you think it might have been compromised. If you do need to change it, avoid following a theme or a common pattern (e.g. using lines from a poem or changing a digit or symbol at the end of the password).

The longer and more varied your password, the more possible combinations exist, which means the need to change your password regularly is reduced. The focus should be on creating longer, stronger passwords less frequently, as opposed to creating weak passwords often. 

Last Updated 16/01/2018