Protect your passwords: tips to keep you safe online

mobile phone with exclamation points jumping out of it while a person also holds a debit / credit card

Published on 08.04.2025

Passwords are the keys to our online identity. That’s why a strong and unique password is critical to online safety.

In 2023, the Australian Signals Directorate (ASD) received more than 87,000 reports of cybercrime over the financial year, an average of a report every six minutes.

Here are some simple tips from NAB to ensure you have the best practices in place to protect your passwords.

1. Create Strong Passwords

A strong password is your first line of defence against cyber threats. Ensure your passwords are:

Long and Complex: Use at least 12 characters, including a mix of uppercase and lowercase letters, numbers, and special symbols.
Unique: Avoid using the same password across multiple sites. Each account should have its own unique password.
Unpredictable: Steer clear of easily guessable information such as birthdays, names, or common words.

Consider using passphrases instead, which are a string of four random words put together with some special characters. These are much easier for you to remember (or your Password Safe can!) and harder for criminals to guess.

2. Update Your Passwords

Changing your passwords periodically can help protect your accounts from being compromised. Set reminders to update your passwords every so often- and change the whole thing, not just part of it.

3. Use a Password Manager

Managing multiple strong passwords can be challenging. A password manager can help by securely storing and generating complex passwords for you. This way, you only need to remember one master password.

4. Enable Two-Factor Authentication (2FA)

Two-factor authentication adds an extra layer of security by requiring a second form of verification in addition to your password. This could be a code sent to your phone or an authentication app. Enabling 2FA significantly reduces the risk of unauthorised access.

5. Be Wary of Phishing Scams

Phishing scams are attempts to trick you into revealing your passwords or other sensitive information. Always be cautious of:

Suspicious Emails and Links: Do not click on links or download attachments from unknown or unexpected emails.
Requests for Personal Information: Legitimate organisations will never ask for your password or personal details via email.

You can find more information on good password management NAB’s website. For more information on how to stay safe online visit NAB’s dedicated security hub at nab.com.au/security.

Customers, banking & finance

Cyber Security

SEE ALL TOPICS

Media Enquiries

For all media enquiries, please contact the NAB Media Line on 03 7035 5015

A pink love heart shape with a sparklers effect on a black background.

Scams

Roses or red flags? Top tips to protect yourself from romance scams this Valentine’s day

NAB is sharing top tips to help Aussies protect their hearts and their wallets from romance scams.

12.02.2025
2 min read

Photo of hand holding a mobile phone with a payment alert.

Scams

Scam warnings drive almost $50million in abandoned payments

NAB customers abandoned $48.5 million worth of payments in the past two months alone after real-time payment alerts sent by the bank warned customers of scams.

24.01.2025
2 min read

An image with warning signs and a calendar and red flags with a red background.

Scams

Explainer – five scams to watch in 2025

NAB shares the five scams to watch out for in 2025, including AI-powered scams and bucket list scams.

08.01.2025
1 min read

Quick links

Business Research and Insights

For more business news and analysis, visit NAB’s Business Research and Insights .

NAB Security Podcast

For more insights about cyber security and fraud, and practical tips on how to stay safe, listen in to NAB’s Security Podcast series.

NAB tech blog

For more insights about technology and the digital developments enabling change for customers, visit the NAB tech blog on Medium.

NAB News