Password safety tips


We have some sad news – even in 2020, one of the most-used passwords worldwide is still “123456”. Yep, right up there with “password” and “qwerty” (the top row of keys on your keyboard), using any variation of these popular passwords is just asking for trouble.

When it comes to passwords, the more unique it is, the better. A strong password can often be the only thing protecting your personal information from malicious third parties, so it’s important that they’re hard for other people (or machine algorithms) to guess.

To help you stay safe, we’ve put together some handy info and tips to beef up your password security. Have a read through to see if there’s any room for improvement in your current password practice.


Our password policy

If you’re with iiNet, you may have noticed that “123456” isn’t accepted as a safe password. We’ve deliberately written our Password Policy to help keep your account strong and secure – and it’s a formula you’re welcome to use for other sites, too.

We require all passwords to be:

  • Be at least 9 characters long
  • Have at least one uppercase and one lowercase letter
  • Have at least one number (i.e. 0 to 9)
  • Not be based on your account details (e.g. your username, name or birthday)
  • Not contain any spaces or tabs
  • May only contain letters, numbers or other standard characters

Trust us, taking a few moments to type in a trickier password is far, far better than having your password cracked. Provided you’re using a secure trusted device, such as your personal computer at home, or a smartphone with a locking mechanism (e.g. PIN, fingerprint or facial recognition) then it’s typically safe to get your web browser to remember your login details so you don’t have to type them each and every time you log in. Just be sure to NEVER tick “Remember this password” on public computers such as those at airports and libraries!

While our Password Policy prevents you using a weak password, other online services may not have similar policies. As a rule of thumb, we recommend following our policy when creating any password because the results will typically be more secure – and that’s always a good thing!


More password tips and tricks

  • Most passwords support all ASCII characters, not just letters and numbers. That means you can jazz up your password with any of the following characters: ` ~ ! @ # $ % ^ & * ( ) _ + – = { [ } ] \ | ; , . / : < > ?
  • Sure, password policies have a minimum character limit, but what about a maximum? If a limit exists, it’s usually pretty lengthy – a maximum password length of 138 characters is common. Instead of a random mish-mash of letters and numbers, why not make your password a whole sentence (sans spaces)? Longer passwords are more secure, and a coherent sentence can also be easier to remember. Song lyrics, a movie or book quote… the sky’s the limit!
  • Find it difficult to remember passwords? Help is on hand! A Password Manager can make life easier by remembering all your different passwords for you, so you only have to remember a single “master” password. There’s a comprehensive review of both free and paid password manager options over on Tom’s Guide.
  • If you’re averse to technological solutions for your password memorisation woes, we still stand by the old fashioned, analogue method: write it down, and lock it up.


Factor in some extra protection

Now that your passwords are secure, it’s time to take it up a notch with Two Factor Authentication, also known as 2FA. You may already have 2FA in use with your banking institution. To log in successfully, you’ll not only need a password – you’ll also need to confirm a second authentication factor, such as a unique code sent via SMS to a mobile listed on your account.

You should aim to use 2FA wherever it is available, particularly for bank accounts, cloud services, and social media profiles. The Australian Cyber Security Centre has a range of how-to guides for turning on 2FA here.

For more information about passwords, PINs and passphrases, visit the Australian Cyber Security Centre’s website.


Do you have a digital security tip to share with us? Tell us in the comments.

No comments - go ahead, have your say!

Leave a Reply

Your email address will not be published.