Every day, how often do you use a password or personal identification number (PIN) to log into an account? It’s a lot. That is why it is so important to treat your PIN and passwords, particularly your banking password, as top secret.
Tip 1. Have a strong password.
It’s true. Creating a strong password that is eight characters or longer will make it more secure and harder for cybercriminals to crack.
Use a mix of the following to create a strong password.
- Uppercase and lowercase letters.
- Special characters like $, * and $.
We recommend using a passphrase.
The longer the password the better, which is why a passphrase is good. Think of a passphrase that is made up of at least four words, including at least 14 characters, for example 'dogbarkjumprun'. Make it meaningful to you so it is easy to remember.
Tip 2. Don’t write your password down. Or share it. Ever.
This may seem like common sense but don’t write your password down, or share it with anyone, even close friends and family.
Tip 3. Maintain password and PIN hygiene to keep them safe.
- Don't use the same password for multiple services or websites.
- Don't provide your password in response to a phone call or email, regardless of how legitimate it might seem.
- Don't provide your password to a website you have accessed by following a link in an email — it may be a phishing trap.
- Be cautious about using password-protected services on a public computer or public Wi-Fi.
Tip 4. Use two-factor authentication.
Two-factor authentication (2FA) simply means there are two checks in place to prove your identity. With 2FA, you need to provide two things – your password and something else such as a code sent to your mobile device, your fingerprint or facial recognition – before you can access your account. This provides you with an extra layer of protection.
Lastly, contact us immediately.
If you think your password or PIN may have been compromised, it is important that you contact us immediately by phone Monday to Friday between 8am and 6pm AEST/AEDT on 1800 033 139 or by email to [email protected]. We can place a temporary block on your accounts and help you reset your passwords.