Using the same password for all your accounts is handy, right? But each account needs its own strong, unique password to help prevent hackers from accessing your personal and private information.
What is a strong password?
A strong password should be at least 12 characters long and include a mix of upper and lowercase letters, numbers, and symbols.
Avoid using personal information, like your name, birthday, or address. You should also avoid using common words or phrases.
Why do I need a strong password?
Strong passwords can stop hackers in their tracks if they’re trying to access your accounts. Hackers use a range of methods to try and crack passwords:
- Brute force attacks: This is where hackers try every possible combination of characters until they find your correct password. This works when passwords are weak.
- Dictionary attacks: This is where hackers use a dictionary of common words and phrases to guess passwords. This is an effective way to crack passwords based on common words or phrases.
- Social engineering attacks: This is where hackers try to trick users into revealing their passwords. It can happen through phishing emails or creating fake websites.
Password checklist
- Make sure your password is at least 12 characters long.
- Use a combination of uppercase and lowercase letters, numbers, and special characters.
- Avoid common words, phrases, or information that’s easy to guess, like birthdays, names, or addresses.
- Create a unique, distinct password for each account.
- Instead of a single word, use a passphrase. This is a combination of random words, numbers, and symbols, e.g. "MyBlueY@chtSailsOverCarrots12"
- Never use predictable patterns or sequences like "123456" or "abcdef".
- Single words found in dictionaries are easy for hackers to crack with a dictionary attack, e.g. "admin".
- Use acronyms, or substitute letters with numbers or symbols, e.g. "S@veM0ney" for "SaveMoney".
- Make it a habit to update your passwords regularly.
- Check your password by using a “strength checker” to see how strong it is and spot any potential weaknesses.
- Check out the NSW Government password checker.
- Get a password manager – downloadable software that helps generate, manage and store unique passwords.
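The checklist above can be turned into a simple automated check. This is an added example, not the NSW Government password checker or code from this page; the word list is a small constructed sample, and treating four or more consecutive characters as a "sequence" is an assumption.

```python
import string

# Constructed sample list; a real checker would load a large dictionary
# or breached-password list instead.
COMMON_WORDS = {"admin", "password", "welcome", "letmein", "qwerty"}
MIN_LENGTH = 12  # from the checklist
MAX_RUN = 3      # assumption: 4+ consecutive characters is a sequence


def longest_sequence(password):
    """Longest run of consecutive characters, ascending or descending."""
    best = run = 1 if password else 0
    direction = 0
    for prev, cur in zip(password, password[1:]):
        step = ord(cur) - ord(prev)
        if step in (1, -1) and step == direction:
            run += 1                      # run continues in the same direction
        elif step in (1, -1):
            run, direction = 2, step      # new run starts with this pair
        else:
            run, direction = 1, 0
        best = max(best, run)
    return best


def check_password(password):
    """Return the checklist items the password fails (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    classes = {
        "uppercase letter": string.ascii_uppercase,
        "lowercase letter": string.ascii_lowercase,
        "number": string.digits,
        "symbol": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append("no " + name)
    if password.lower() in COMMON_WORDS:
        problems.append("single common word")
    if longest_sequence(password.lower()) > MAX_RUN:
        problems.append("predictable sequence")
    return problems
```

Run locally, a check like this never sends the password anywhere. It cannot tell whether a password has been reused on another account, so the advice to keep each one unique still applies.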
If you ever feel unsafe online, file a report at ReportCyber.
To help others spot new and emerging scams, report to Scamwatch.