4 steps to boost your online security

Enable multi-factor authentication (MFA)

MFA adds an extra layer of security to your personal accounts by requiring two or more types of actions to verify your identity. This could be a combination of your password and a fingerprint or facial recognition, or a passphrase and an MFA code. 

With MFA enabled, a hacker would need your password and the code on your phone or your biometrics to access your accounts.

Learn how to enable MFA on your email, social media and other personal online accounts, and ensure Okta, the University's MFA program, is correctly set up on your device by reading our MFA guide.

Keep your software updated

Software updates are not just for new features; they protect your devices by fixing security flaws. Data breaches caused by unpatched software have tripled in the past year, so it’s important to keep your software updated.

Even better, set your software and devices to update automatically to stay protected from the latest threats.

Use strong, unique passphrases

Ditch simple passwords for strong, unique passphrases. Combine four or more random words that are easy for you to remember but tough for others to guess, like “SunOceanPencilBook.”

Passphrases are harder for cybercriminals to crack. If keeping track feels overwhelming, consider using a reputable password.

Pro tip: Treat your passphrase like your toothbrush: choose a good quality one, never reuse an old one, and never share it with anyone.

Recognise and report phishing

Did you know that you're four times more likely to fall for phishing on your phone?

Phishing scams are one of the top tactics used by cybercriminals to steal your information, identity and money, so it’s important you know the warning signs.

These could be: the sender's email address doesn't match their name or company, urgent, threatening or authoritative language, requests for your credentials, and incredible discounts or free offers. 

Learn more about common scams and how to avoid them. 

If you've been targeted by a scamon your personal accounts, report to Scamwatch to prevent further attacks. If your University account has been impacted by a scam, change your UniKey password and contact the ICT Service Desk on 1800 SYD UNI (1800 793 864) immediately. You can also connect with University support if needed.