Passwords are your first line of defence against unauthorised access to your personal information, and the stronger they are, the better protection they can provide. With identity theft on the rise, it's more important than ever to ensure your passwords are working to keep your identity protected.

Find out how strong passwords can protect your identity, how to create them, and how you can keep track of your passwords to stay protected.

Why weak passwords put your identity at risk

Consider how many times you need to create or use a password to access an application or program online. Whether it's to check emails, pay a bill, shop online, study, register warranties, access government payments – and more – online accounts are a necessary part of our lives. They help us manage our interactions with service providers, track our activity, and store essential information.

Each online account requires a password that acts as a virtual key. They're designed to help keep your information safe and secure, but for many people, their passwords aren't set up to provide them with enough protection.
Weak passwords use predictable details such as names, birthdates, or maiden names. This makes it easier for cybercriminals to guess, particularly if they can access an array of personal information from different sources such as hard copy bills or publicly available social media accounts.

The other danger is using the same passwords across different accounts. Once one password is uncovered, it automatically gives access to several other accounts. This significantly increases the consequences of having your personal information compromised.

What happens when your passwords are hacked 

If your passwords are discovered, you risk becoming a victim of identity crime – and the consequences can be serious. Once your accounts are accessed, your personal information can be stolen and traded on the dark web. It can then be used to carry out fraudulent activities such as applying for a loan in your name, making purchases on your credit card, creating false identity documents, and more.

The impact of having your identity stolen can cost you time, money, and your financial health. The Cybercrime in Australia 2024 report by the Australian Institute of Criminology (AIC) reported it was common for cybercrime victims to have experienced multiple incidents and types of cybercrime in the 12 months to the survey. 

The most common incidents of identity crime and misuse reported were suspicious transactions appearing in their bank statements or accounts, credit card or credit report; and receiving calls from debt collectors asking about unpaid bills they did not recognise. 
Approximately 11.6% of identity crime victims and 16.5% of fraud and scam victims surveyed lost more than $1,000 in their most recent incident. 2.8% of fraud and scam victims, 2.8% of identity crime victims lost more than $10,000. A small proportion of victims, including 1.2 percent of fraud and scam victims, lost more than $100,000.

Overall, 56.8% of victims were negatively impacted in some way. This means an estimated 26.1% of all respondents were negatively impacted by cybercrime in the 12 months prior to the survey. 40% of victims reported practical impacts, 26.8% reported social impacts, 19.7% reported health-related harms, and 16.7% reported financial problems. 

How to create strong passwords to protect your identity

One of the best measures you can take to protect yourself is to create strong passwords for your accounts. Take a look at our guidelines for creating strong passwords, complete with examples of strong passwords below:

Make it memorable
You can use a phrase that's important to you and turn it into a password using a rule, such as using the first two digits of each word. For example:
Phrase – My first car was a Mazda 3 and it was red.
Password – MyficawasMa3re

Make it unique
Use a different password for each account you have online. You can make this simpler by using a different passphrase for different areas of your life, such as banking, shopping, email, or work. For example, your banking passphrase may focus on your first car, email passphrase on your first concert, and work passphrase on your favourite cuisine.

Make it longer
Long passwords are stronger passwords as they make it harder for hackers to break. You can use a passphrase rather than a password to help create longer passwords. Combine this with a mix of upper case and lower-case letters, numbers, and symbols with a minimum of 8 characters to add complexity.

Things to avoid include:

• Any personal information such as your name, address, or phone number.
• Obvious combinations such as your street name followed by 1 or 123.
• Making minor modifications to old passwords, such as changing one number or letter.
• Leaving your computer or laptop unattended as it gives thieves the opportunity to access already open applications and change password settings.

How to keep track of passwords

If your password feels hard to remember – then it's a strong password. And while this is good news for protecting your identity, it might not be good news for you. With so many accounts and passwords to remember, it can feel impossible to remember them all.
Here are some tips to help make tracking and remembering your passwords easier:

Use a password manager

A password manager is an online application that stores and protects your online credentials. Sensitive information is protected in a digital vault using layers of encryption. They can also generate passwords and be synced across your devices. You will need an additional master password to get into the account, but the good news is that it's the only one you'll need to remember. Examples of password managers include LastPass, Dashlane, and KeePass.

Save usernames and passwords

Several devices, browsers, and apps can autofill usernames and passwords after your initial login to an account. The key to making this method secure is to have a strong password for your selected device or application.

Enable two-factor authentication

Many accounts offer an extra layer of security via two-factor authentication. This means you'll need to follow an additional step to log in, such as entering a code sent to your phone or using your fingerprint. Enabling this feature where available can help add an extra layer of security to your accounts.

Use biometrics to log in

Biometric logins allow you to use physical evidence of identity to log in to an account. They are becoming more popular as they're unique to each individual, with examples including fingerprint scans, voice authentication, and facial recognition. Markers of your unique identity are stored either on your phone or via an application that verifies the correct person is trying to access an application or account. Once your initial biometric password is authenticated, it then forms part of your digital identity information and is later accessed for comparison when you log in.

Consider pen and paper

Writing prompts down can be another way to help remember your passwords. You can use phrases, questions, or sequence prompts to help trigger your memory without needing to write down your passwords.
For some people, writing down passwords is their preferred method, regardless of the other options available. If you do choose this method, ensure written passwords are kept in a secure, locked place away from your computer. Also, avoid creating a document on your computer as it can be accessed if your computer is hacked.

Ready to protect your identity?

Strong passwords are an essential first step to keeping your personal information safe. For more information on what else you can do to protect your identity, take a closer look at our credit and identity protection plans.

Disclaimer: The information contained in this article is general in nature and does not take into account your personal objectives, financial situation or needs. Therefore, you should consider whether the information is appropriate to your circumstance before acting on it, and where appropriate, seek professional advice from a finance professional such as an adviser.