Privacy Awareness Week 2015


Privacy Awareness Week is held in May each year and is a great reminder for us all to review how we approach privacy and security online.

The Internet allows us to do many things that in previous decades we would only have the option of doing in person. Instead of posting letters or photos we now update our status on social media. Rather than waiting in line at the bank during our lunch break we can pay bills and transfer money online. And buying birthday and Christmas presents has never been easier thanks to a treasure trove of online shopping stores.

But all these actions require you to provide some type of personal information whether it’s your name, address, birth date, credit card details or bank account information.

Although this information is usually safe guarded online with a password, there are steps you can take to ensure that your personal information is kept as safe as possible.

What can I do to protect my personal information?

Think about all the websites that require you to enter a password. Whenever you are prompted to create or change your password, keep these handy tips in mind.

  • Use a password generator. Lucky for our customers, we’ve created a handy password generator tool located in the ‘Change Your Password’ section of Toolbox. For Westnet customers it resides in the same portion of MyAccount.  While you’re in Toolbox, check that your personal information such as contact details are up-to-date.
  • Change your password. Put a reminder in your calendar and update your passwords on a regular basis (quarterly is good). In fact, if you haven’t updated your iiNet password for a while – today is a great day to do it!
  • Use different passwords for different sites. Don’t use the same password for all your websites or accounts. If one account is compromised it can leave the others vulnerable.
  • Lock it up. Lock your mobile device including laptops, smartphones and tablets with a passcode, password or biometric when not in use.
  • Secure your WiFi connection. Secure your home and office WiFi with encryption and a password.
  • Don’t share your password. Enough said.

What makes a good password?

  • Mix your cases. Our passwords are case sensitive, so mixing between upper and lower case is a must.
  • Like all good geeks, we love numbers – be sure to include them in your password.
  • Avoid the obvious. Simple passwords might be easy to remember, but the easier they are to remember the easier they are for someone else to guess. One big no-no is including your username in your password, alongside dictionary words, and the names of your family and friends.
  • The longer the better. Short passwords are much easier to guess; your password should be a minimum of nine characters long.

How to change your iiNet password

1. Log in to Toolbox with your username and current password.

2. Select My Account from the navigation bar. If you’re using a mobile, you’ll need to tap the grey menu icon to expand the navigation list as shown below:


3. Select Change password from the left-hand column. If you’re using a mobile, you’ll need to tap the grey My Account actions bar to expand the list of options as shown below:


4. Type in your current password and new password into the corresponding entry boxes. Note: Passwords must meet the requirements in our Password Policy.


5. Click Change Password to finish.

6. After changing your password, you may need to update your password in your email client settings, and/or in your modem settings. If you are unsure how to do this, please check the setup guides in iiHelp.

Alternatively you can call our Support Centre on 13 22 58, 24 hours a day 7 days a week.

Note, changing your password in Toolbox may also mean a change to your email client, modem or router password settings as well. If you are unsure how to do this, please visit our support pages.

Get Remote Access Alerts via your iiNet Toolbox

Why would you want these alerts? Well, occasionally your Toolbox may be logged into from an unknown IP address – this might happen when you simply log into Toolbox from a new location.

BUT it could also happen if someone else is trying to use your details to log in. If you want to be notified by email that this has happened, then follow these instructions to set up Remote Access Alerts in Toolbox.

1. Log in to Toolbox with your username and current password.

2. Select My Account from the navigation bar. If you’re using a mobile, you’ll need to tap the grey menu icon to expand the navigation list as shown below:


3. Select Manage remote access alerts from the left-hand column as shown below:


4. Switch the button from Off to On and then enter your email address in the field provided.


5. Click Change Settings. Easy!

What is iiNet’s approach to online privacy?

During March last year, the Australian Privacy Principles (APPs) were introduced. These principles regulate the handling of personal information by Australian Government agencies and some private sector organisations, including businesses like iiNet.

When these principles were introduced, we created a new Privacy Statement which explains how we collect, use, share and hold your personal information. 

 Can I take any further precautions with my online security?

We’ve shared insider tips on the blog previously on how to beef up your personal security online.

Revisit our Internet Safety Series on a variety of related topics:

Photo credit:


  1. Henry Gough says:

    It would be great if the Federal Government introduced really crippling fines for web thieves and for those who violate the privacy of individuals by trying to access computer data. The whole web scene including Facebook Twitter and Linkdin are becoming bothersome in their attempts to get people to expand on whatever private information they have on line. Does Westnet provide or suggest effective internet protection?

  2. Alison says:

    Thank you, I appreciated this article

  3. Tony Simpkins says:

    re passwords: Seriously, no one wants to keep changing passwords, or have several different ones. It’s bad enough most of the time remembering one if you’ve had to change it recently. Your advice is pretty much what all other media give out, and is absolutely useless to 90% of your audience who will just ignore it.

    I would be more impressed if you could come up with a reasonably secure system for having ready access to one’s passwords every time one uses a device – but without having to remember a password to gain that access!

  4. Tony P says:

    One of the big problems I have encountered in getting people to change passwords is how to remember what the new one is and which one is for where.
    The only way is to write them down and secure the document either digital or paper.
    Including characters on the number buttons makes them harder to crack but not all work.

  5. Pamela Dyson-Harvey says:

    I am too nervous to change my password, especially after reading this blog. It involves changing it in other things that I don’t understand and may cause more heartache than it’s worth. Why do you make things so complicated????????

  6. Larry O'Carroll says:

    Very good article.
    Great advice on changing password.

    Thanks for your information

  7. jennandco says:

    Outstanding advise,Thanks again iinet,fondest regards fom jeenandco

  8. Matt says:

    Hey, do you think you should credit the creator of that image, given that it’s released under a creative commons licence?

    Perhaps you need to run a copyright awareness week where you explain how you can’t just steal images off the internet and reuse them…

    • Natalie Marinho says:

      Hi Matt

      Thanks for taking the time to point out the missing link. It was a forgetful omission on my part because as you might have seen from other articles on the iiNet Blog, we always credit articles sourced via Creative Commons with a link at the bottom of the article. We’ve now updated the article. I actually think that’s a great suggestion about creating a blog article that explains Creative Commons and how to correctly attribute content creators – stay tuned to the blog for this article coming soon.

      iiNet Blog Editor

  9. Anonymous says:

    A really useful document

  10. Paulo says:

    Hi Natalie,

    Great advice!

    Would you please advise some of the best ways of keeping track of passwords. I currently use a password vault to hold 40 passwords but I’m not sure this is the best way.

    Many thanks in advance,


  11. keith says:


    you put a lot of emphasis on passwords which i use several different ones but what virus protection are iinet using on their systems as i bet its either macafee or norton 360 which both have been proven ineffective this is why i use kaspersky internet security as it was rated in the top 5. never had an issue but i dont put any personal info in the www as nothing is secure.

  12. Shane says:

    i am under the impression you should never click on a url link if sent to you by email. Even from your isp or bank. Is this correct?

    • Amy Pearce says:

      Hi Shane,

      Provided the links are sent from a legitimate sender, such as a Financial Institution or your ISP, there should be no issue following them.
      You do need to make sure the sender is not pretending to be someone else however.
      We recommend adding your bank to your email recipient list, so if anyone does try to mirror them and send you spam, your email account will notify you that this is not a known sender.

      More information on spam emails can be found here.

      – Amy

  13. yodati o'connor says:

    can I stay with the same password/not changed at all?

    • Amy Pearce says:

      Yes, you can keep things as they are if you are happy.
      We do recommend not using the same password for all online accounts, as if a scammer cracks one, they have access to all of your online accounts.

      – Amy

  14. Normann says:

    I would use a short phrase as a password and just change a couple of characters of each word and change cases so it is long and complex password.

    No password is failsafe but if you make it hard enough that it takes a long time to crank, that password is a good password.

  15. Simsy says:

    Protecting our privacy online is in our own hands, but it isn’t much help when iinet hands over our details to some film company to help them extort money from users. Our privacy isn’t safe at all.

  16. Hey guys, this is really great, but it is fundamentally about security.

    If you’re really concerned about your users privacy, and committed to protecting it, you would issue a public statement supporting the use of TOR by your clients, and advertising how your patrons can really protect their privacy from the govt.

    Is that going to happen?

  17. G2av says:

    How do we protect our privacy from the Governments Data Retention Laws? What VPN services do you recommend?

  18. david says:

    Not going to mention VPNs? Pretty important given the new legislation.

  19. Shane says:

    Passwords as I understand it are or stolen. Using the same password is not an issue if you know you have not been breached. Visiting questionable sites and entering sensitive details or unleashing a virus on your PC is an indicator that it is a good time to change your password. I would disagree that changing your passwords reduces you chance of being breached. Its how you treat security that is the ticket.

  20. Eric Tan says:

    How do we remember all the different password s we created for the different devices and apps etc etc ?

  21. Roger Smith says:

    So, a whole load of advice comes down to ‘have a good password and change it lots’ what about more basic stuff to protect my privacy like, don’t let the government have access to my data.

  22. Peter Lynam says:

    Get real! Changing different passwords for numerous organisations and devices with a mix of 9 numbers, letters, upper and lower case etc etc every quarter and recording them securely at home is impractical. Geekworld needs to think of some other arrangement instead of passwords for on line security.

  23. David Horrocks says:

    I switched off Remote Access Alerts because I kept getting alerts when I logged on to my desktop PC. Probably because I use Mobile broadband modem.

  24. Me Me says:

    How do we protect ourselves from our provider making our private details available to domestic and international companies?

  25. Peter says:

    Hi Natalie – great article on privacy and need to regularly change passwords.
    Would be good to have a follow article on how to manage passwords. A quick count of my password required sites and applications came up with over 50 and Im sure I havent got them all. Some require passwords of specific types eg more than 7 and less than 10 characters. Some passwords are more important than others eg online banking. compared to some shopping sites.
    We are encouraged to not write passwords down,
    change them regularly, not use anything obvious or repetitive etc, but the real issue for me is how to remember and manage all these passwords and also be security virtuous.
    I do some work in a Mac environment but have had a
    bad experience with the use of Key chain system of password management. – it’s both too confusing and too good.
    A follow up article dealing with these vexed issues would be good,
    Kind regards Peter

  26. Renato says:

    thanks for all your info
    i think ill change my password today
    have a great day to all at IINET

  27. Andrew says:


    Do you have any suggestions about how to securely store and conveniently access the hundreds of complex unmemorisable logon identities and passwords one needs in today’s online world? Not to mention the “secret” questions and answers that many websites are ow forcing on us?

  28. Peter Davidson says:

    Needs a discussion and recommendations on topic of VPNs
    Even federal minister has suggested use of these

  29. Terry Harbour says:

    Good advice re regularly changing passwords, however having to also change passwords in other applications is a pain. Easy sounding theory does not always translate to easy practical application. I have 54 applications/programs to which I have a password (I do keep a secure list of them)- imagine changing all 54 passwords each quarter?

  30. Nathan says:

    Tony Simpkins they have them, search for ‘password managers’.
    They even have apps now!!

    Sage advice, but like many others, changing frequently sucks!

  31. Julian says:

    Whisper me your password and I shall forget it two 2 Two too ToO 4 U0o

  32. Darryl says:

    Lots of people have commented above on the difficulty of using lots of different passwords. There is a solution to that. A password manager app.


    Hopefully that will be of some use. Personally I use Lastpass, but you choose one that suits you best.

    I would also like to see more info on using VPNs on an article like this.

  33. George says:

    I have used internet for at least 15 years and never changed my passwords and never had a problem. I had to change only some of them when I came upon a site I had not used for a few years and did not remember the password for it so I had to get a new one. These were the same as what I used for other sites or only slightly different from my standard password. I guess it pays to come up with a password that no one can work out. Of course it also helps not to provide any personal information. What I hate is that no matter what promises are made my email address is passed on to numerous companies that then bombard you with sale offers of their products and I have to tell them to never contact me again.

  34. udo says:

    It’s good to see iiNet claiming to support strong privacy.
    Please demonstrate this by upgrading your toolbox webserver to support TLS and PFS. This is important to MY privacy!
    Currently the toolbox site “forces” poor crypto standards, and mixes clear and cipher text sources. Poor web development.
    I expect more from #2.

  35. Anonymous says:

    No comment

  36. Dazza says:

    Funny how you’re advocate privacy, when your company is about to do the exact opposite.

    iiNet is just about to hand over metadata and customer data to the government, and to the foreign parties such as the Dallas Buyers Club people.

    What’s the point of fiddling with passwords when you’re offering to hand out our details in spades?

    You might as well write an article teaching folks how to use a VPN!

  37. Adrian says:

    Why can’t fingerprint scanning or iris recognition replace passwords?

  38. Nev says:

    Great, it all comes to passwords. From comments i understand we all have the same issue-HOW DO YOU KEEP TRACkK OF THEM. Another article full of experts’ user unfriendly advices.

  39. David says:

    What about security at public Wi-fi Hotspots and cellular phone networks why don’t you advocate and educate people about the use of VPNs.

  40. ian says:

    There seems to be a lot of requests for info on VPNs, but there is a deafening silence from iiNet about said VPNs. Why is this? Is there something that iiNet is not telling us or doesn’t want us to know?

  41. Phil says:

    Just browsed through some of the comments and saw some questions that I could give some suggestions on. The methods I use are no doubt used by many.
    1) I create a sentence and then turn it into a password by using the first letter of each word and alternating between upper and lower case. For example: ‘My favourite game is World of Warcraft I started playing in 2008’. p/w = MfGiWoWiSpI2008 I sometimes hide a password within a document on my pc and copy/paste it.
    Since I have many passwords and user names, I keep them stored in an alphabetized diary I keep in a draw next to my pc.
    I hope these suggestion help some that never gave them thought. 😉

  42. Tony W says:

    I cant live without my password generator and secure vault app “keepass” (portable version) i use on a usb flash drive. I now have a separate long password for every account i use which is easily accessed when i need them within the keepass app.

  43. Adam says:

    The Federal government’s Metadata legislation is an issue for privacy. Passwords etc is about security more than privacy.If you could do an article on how iiNet can assist in setting up a VPN that would be appreciated.


  44. Al says:

    To remember passwords use different types for your social websites (Facebook, Twitter, etc), more secure ones for your e-mail accounts (but based around a theme, perhaps, if you have many accounts) and the most secure for your financial and other essential sites.

    Selecting passwords… My advice is to pick something that is meaningful to you – a phrase, lines of a poem, the first paragraph of a favourite book, etc. Something that you are going to be able to recall that is several words long. Then you have a choice.

    If the phrase is long enough, start your password halfway through one of the words and finish it 10 characters later. Make it less guessable with liberal use of capitals, numbers and symbols in place of some letters or as well as.

    Alternatively, pick the fourth character in every word of your phrase and do the same with capitals and numbers as above.

    “But soft, what light from yonder window breaks?” could be an example phrase. Take out the spaces and a password is possible; add a zero for a repeated oh and some capitals and away you go.

    The point is, you never have to remember more than the phrase (you may have known one from school days) and the formula you used. When you must change passwords you can change either the phrase or the formula one time and the other one the next time.

    A little thought into planning your passwords helps you to remember more complex ones than you thought possible.

  45. Dinh Nguyen says:

    I hope it works, I am very upset about virus attacked my PC.

  46. Aaron says:

    Very little I can add after glancing through the posts. Good to see this issue thrashed out, or at least mentioned.

    I use a simple password for everything. s1mple. It works everytime. How clever am I? =]

    A heirachy of passwords and levels of entropy are a bit complex. If my bank says I need to login in in an email, it must be true. The email has the correct logo, and the link takes me to their web site. My bank would never lie to me. They said they wouldn’t.

    Not sure what this ‘ransomware’ thing is. The Australian Federal Police wouldn’t lie. $200.00 is not much to pay. Their camera could see me. Even on my computer that doesn’t have a camera, it was still watching me.

    n.b. this is sacasm

  47. Bev says:

    I don’t even know what a ‘VPN’ is!!!

  48. Jimson says:

    Some good security tips in there. Particularly different passwords for every different service you use. I have found Keepass the only practical way to do this.

    Would be good if you did a blog post about actual privacy though. Focusing on how since the Snowden leaks it has become apparent there is basically no privacy or anonymity on the internet. Plus thanks to the government’s data retention policy, your internet habits are going to be available to regular police officers and who knows what other government departments (and hackers too).

  49. Anonymous says:

    Thank you Iinet. I went to a talk by David Cook on GBB fraud, and how it relates to Seniors. Well, only a little info but exceptional scarey eg I did not know one is to have a Pass’d for a Router……he is with Edith Cowan. And really there needs to be more info for Seniors to get informed. GBB.none of us had computers in grade school or even in the work place. I have had 2 spams? last week and 3 to-day saying it was from Bank…….??? there needs to be more education for we 80 yr. olds.

  50. Russ says:

    Good reminder. I do use a long word and switch the number at the end so that I can write down the abbreviation and know what means. So (just an example!) lets say your word is ‘Synergy’ I can write S~5 next to work PC, or S~2 for a shop site and so on or 5S5 and know what that.
    However, problems abound, this site has cut out 12 times while I typed this and 3 ads popped up. what do you do??

  51. Ghatti says:

    Nice article. What about other measures to keep privacy like not having email addresses that give your name. Oh, but iiNet can’t advocate that since its policy is to create email addresses with your full first name with no discussion with the customer about this and no remedy offered when the customers States unhappiness about this. I’d take you more seriously if I saw ,pore practicing of what you are preaching iiNet.