Go to top of page

Use two-factor authentication for your online services

28 December 2014

Alert Priority Moderate

With more of us storing and sharing our personal and organisational information online, online safety and security needs to be a critical part of our life and business planning. One important feature you should use − where available from online services − is two-factor authentication.

Two-factor authentication involves two different criteria, or factors, used to authorise your access. Typically, these factors are something only you know (like a password) and something only you have (like your mobile phone). For example, when logging on to an account with your password, a one-time code may be sent to you as a text message. You will then be asked to enter the code that was texted to you as the second factor of authentication into the website you are attempting to access.

If you use any service that offers additional factors for authentication, we advise you to enable and use these.

It is still important that you keep both factors secure. If sending a text to your mobile phone is the second factor, you should keep your phone safe and set the PIN or password to lock it, in case you lose it. The Stay Smart Online website has a comprehensive list of steps to secure your mobile device.

Many of the world’s most popular online services have introduced an optional second factor to their log-on processes, but others are still to do so. You can usually find an option for enabling two-factor authentication in your account settings for each site. Businesses that collect personal or business information are encouraged to offer two-factor authentication as an option for customers wherever possible.

If scammers or hackers can access and harvest your personal and financial information, the consequences can be damaging – your identity could be stolen, your bank accounts emptied, or critical business operations may be disrupted.

While there is no silver bullet for security, choosing websites or apps that offer two-factor authentication provides you with additional protection. You should also continue to use a strong and unique password for each site or service you use. It is one of the core things you can control to be safer online.

More information

The Stay Smart Online website has more information about two-factor authentication, as well as tips for setting and using strong passwords.

Please note that many email-only subscription services, such as the Stay Smart Online Alert Service, do not collect personally identifying information so offering two-factor authentication would be unnecessarily onerous for subscribers.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.


Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.


This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.


Facebook: www.facebook.com/staysmartonline
Email: staysmartonline [at] communications.gov.au
Web: www.staysmartonline.gov.au
You are receiving this message at the address [Email].
Update your profile preferences
If you no longer wish to receive this information, you can unsubscribe.

© 2013 Australian Government. All rights reserved