Step 1: Set and protect your passwords
A password on your computer is like a lock on your front door—it prevents strangers walking into your house and stealing your possessions. Using a password and changing it regularly makes it hard for other people to access the information on your computer.
When you have set a password, your computer will ask you to enter the password whenever you turn it on or ‘wake it up’ from its screen saver.
Passwords aren’t absolutely unbreakable, but they can strongly deter unauthorised people from using your computer.
How to set and protect passwords
- Choose a ‘strong’ password.
Using strong passwords can help protect them from being 'cracked' or guessed. A strong password consists of:
- a minimum eight characters
- a mix of upper and lower case letters
- at least one numeral, and
- at least one non-alpha numeric character—for example, a symbol.
With the computing power and resources available today, it is estimated that a password with these features would take several years to crack. Passwords with fewer characters that have all letters or all numbers can be cracked within a few minutes.
Strong passwords can still be captured by some types of malware designed to capture key strokes and stored passwords on the computer, so a strong password is not a substitute for implementing good security practices more generally.
- Avoid using dictionary or foreign words. Hackers have many tools, such as dictionary programs, to assist them.
- Avoid passwords that would be readily identifiable or easy for anyone to guess, such as your name or business name.
- Never share your password with anyone. Passwords are often used to protect personal or financial information, so they need to stay private.
- Memorise your password if you can. If you need to write it down in order to remember it, hide it somewhere safe.
- Change your password at least twice a year—consider making a diary entry to remind yourself.
- Never send your password via email or store your passwords in plain text on your computer. Listing your passwords and accounts in a spreadsheet on your computer could lead to someone compromising all your accounts.
- Never reuse old passwords. Use a completely new password every time you change your password.
- Use different passwords for different systems—otherwise if one is compromised it may give an attacker access to a range of online accounts. For example, use a password for online banking that is different to the ones you would use for email or social networking.
- Be careful using your password on a public internet terminal (such as an airport or internet cafe). Read more about how to protect yourself when using Public computers.
Top tip for password creation
To make a password easy to remember, think of a pass phrase and then change some of the characters to make it a strong password. For example:
- June School Holidays can be modified to: 7un3Schoo1Ho!idays
- I like Australian red wine can be modified to: Ilike0zzieR3dwine*
- Be good, be wise can be modified to: B3g00db3wi5e$
Please don't use these examples.
Further information
For more detailed advice, please see the factsheet for more details 
Understanding Password Security.
