Article tags

Estimated reading time is 5 minutes.

Every day, we use passwords to access our bank accounts, social media, email and more. Passwords are the keys to our online identity. That’s why protecting them is so important.

Creating a strong password is the first step in eliminating the risk of unauthorised access by those willing to put in a bit of guesswork.

Here are some helpful tips to keeping your passwords safe.

1. Make your passwords strong

Short and simple passwords might be easy for you to remember, but unfortunately are also easier for cyber criminals to crack.

Strong passwords have a minimum of 10 characters and a use mix of:

  • uppercase and lowercase letters
  • numbers
  • special characters like !, &, and *.

Use passphrases

Criminals can perform a 'brute force' attack, in which a computer program cycles through every possible combination of characters to guess a password. These automated attempts at guessing passwords are not slowed down by numbers or capital letters, but depend on how long a password is.

That’s why using a passphrase is more secure, and easier to remember than using a password. A passphrase is used in just the same way as a password, but is much longer.

A passphrase is collection of words that is meaningful to you, but not to someone else. For example: cloudhandwashjump is 17 characters long.

Depending on the systems you access, you may be limited to a defined number of characters.

2. Make passwords hard to guess

Could someone who knows you guess your passwords? It’s best to avoid using personal information such as your children, partner or pets name, favourite football team or date of birth as your password, as they can be easy for others to guess.

When trying to hack into an online account, cyber criminals start with start with commonly found words and number combinations.

Here are some things to avoid using:

  • dictionary words
  • a keyboard pattern like qwerty
  • repeated characters like zzzz
  • personal information like your date of birth or driver’s licence number.

3. Create new, unique passwords

If you need to reset a password, don’t just change one part of it. Instead of changing a number at the beginning or end, create something completely new you’ve never used before.

Get into the practice of changing your password often, ideally every few months.

4. Don’t share passwords, ever.

Never share your password with someone, not even with someone you trust.

What about family and friends?

Regardless of whom you share it with, once you share your passwords you lose control of how it’s stored or how and when it’s used.

What if a business or company I know asks for my password?

Reputable companies won’t ask you to give them your password over the phone or via emails or SMS messages. This might be a warning sign of phishing or a scam.

NAB will never ask you for your password or PIN; either by email, SMS, over the phone or at a branch.

You may not be covered for fraud

One of your responsibilities as an NAB account owner and user of Internet Banking is to protect your password. Sharing your passwords or PINs may affect a claim for any money lost due to fraud.

5. Use different passwords for each of your online accounts

Using different passwords means that if one of your accounts is breached, criminals won’t have access to other accounts that use the same password.

If a criminal has access to several of your online accounts, they may use that to impersonate you to your online friends, or businesses you deal with.

6. Store passwords safely

Writing them down is never recommended. You could lose them, or someone else could see them and use them.

What if I have too many passwords to remember?

There are programs and apps known as Password Safes that will store all your passwords in a secure vault.

A Password Safe only needs one strong password to access it, and has extremely strong protection to make sure that only you can access it. This means you only need to remember one strong password to have access to all your passwords. Password Safes even generate new, long passwords for you when you create new online accounts.

Don’t allow web browsers to store your NAB password

Some web browsers may display a pop-up message, asking whether you want the browser to remember your login details. For the protection of your personal information, NAB recommends that you select 'Never for this site' if you see this message when using NAB Internet Banking.

Stay safe by protecting your passwords.

Helpful resources

How to keep your identity safe online

Your identity is your most valuable asset. Protect it. Your freedom depends on it.

How to use social media securely

Social media can provide others with access to your personal world. Make sure you're only sharing what you want to share.

Keep your mobile devices and apps secure

Your mobile device is the portal to almost every detail about you. So it's important to keep it secure.

How to keep your family safe online

The internet is full of information, but it can also be dangerous. Learn how to keep your family safe online.