Cybersecurity Essentials: Mastering Password Protection

Facing Australia’s rising cybercrime rates head-on, our guide provides key insights into optimising your password security. Find out how to strengthen your defences and keep your digital world secure.

We spend a lot of time online and don’t often think about the risks involved. Yet if we are not careful, we can make ourselves vulnerable to criminal activity such as hacking, phishing, and identity theft.

The annual Cyber Threat Report announced in 2023 a 23% year-on-year increase in cybercrimes in Australia, amounting to a cybercrime reported every six minutes.i And according to the recent Cybercrime in Australia report also published in 2023, 47% of survey respondents experienced at least one cybercrime that year, with half of all victims experiencing more than one instance.ii

One of the simplest ways to protect yourself online is to ensure you have secure login credentials and to update your passwords regularly. So, if you haven’t updated your passwords for some time, below are some tips to ensuring stay secure online.

Stronger password security

Vary your passwords
The most common vulnerability is passwords. We have passwords for many things we do online, protecting our bank accounts, inboxes, and social media accounts to name just a few.

With the need for so many passwords, it’s easy to see why we often become complacent and choose the same one for multiple accounts. A 2019 Google/Harris Poll study found that 52% of respondents use the same password for multiple accounts and 13% reuse the same password for all their accounts.iii Not only does this put your accounts at risk of being compromised, using the same password can lead to hackers utilising your credentials as a way of identifying as you.

Get creative
It’s no surprise that the most common passwords are 123456 and admin– they are easy to remember, however they are also easy for anyone to guess.iv

Choose a password that’s at least 12 characters long with a mix of uppercase and lowercase letters, numbers, and symbols. Some sites will need you to do this when you sign up, and it is good practice even when not required. Avoid using easily guessed information like birthdays, names, or common words (such as user or password).

Password management
Remembering your passwords, especially those which are a unique combination of letters and numbers, can be tricky. Use a centralised password management system to record passwords. There are many to choose from so look out for ones that are encrypted with a strong algorithm to prevent hacking.

Use 2-step verification
Another way to strengthen online security is to use 2-step verification. This adds additional security by asking you for further details, such as a number sent to you as a text message or email, or using an authenticator application to verify your identity when you log-in.

More ways to keep safe online

Using anti-virus software is wise as it’s designed to provide protection against the latest viruses and other types of malware. It updates automatically so you don’t need to worry as much about having to be on top of the latest cyber threats. It’s also worthwhile backing up any important data.

Not all our interactions online are protected, so be sure to use secure networks and be careful about public Wi-Fi, such as the one you might use in a café, airport, or library. Public Wi-Fi is convenient, however if you are using websites that aren’t encrypted, this information is at risk. Look out for the lock symbol near your browser’s location field and check that the site address starts with ‘https’ rather than ‘http’ to be on the safe side.

Lastly, it’s the simplest solution but one that bears mentioning – keep your personal information private. Don’t share your log-in information unless absolutely necessary and don’t display your passwords somewhere that’s easy to find (such as a label on your phone or laptop).

These preventative measures can help you stay safe online and away from the risks of cybercrime.

Common passwords in Australia
1. Banned — 2 minutes to crack
2. 123456 — less than a second to crack
3. Admin — less than a second to crack
4. password — less than a second to crack
5. qwerty123 — less than a second to crack
6. 12qwasZX — less than a second to crack
7. Starwars29 — 3 seconds to crack
8. welcome11 — 2 seconds to crack

i https://www.minister.defence.gov.au/media-releases/2023-11-15/release-annual-cyber-threat-report-2022-23
ii https://www.aic.gov.au/publications/sr/sr43
iii https://services.google.com/fh/files/blogs/google_security_infographic.pdf
iv https://nordpass.com/most-common-passwords-list/

This article is intended as an information source only and to provide general information only. The comments, examples, words and extracts from legislation and other sources in this publication do not constitute legal advice, financial or tax advice and should not be relied upon as such. All readers should seek advice from a professional adviser regarding the application of any of the comments in this article to their particular situation.