Protect your passwords

An easy way to protect yourself online is to maintain a strong password for all of your accounts.

On this page

Test the strength of your password

How do I use it?

  • Enter a password and tap the check button.
  • Check your results (below the search box).
  • The aim is to have all three assessment result boxes display as green.
  • If you see a red box, it's time to level up your password game! Read the guidance and take immediate action to improve your password strength using the password tips. 

 

Enter a password to check
visibility
Step 0 of 6

Password strength:

Password tips

Longer is stronger

Safe passwords have more than 12 characters (the more the merrier).

Passphrases

Consider a string of random words that only you can stitch together.

Don't give it away

Avoid sharing your logins with anyone, anywhere.

Keep them guessing

Leave out personal information and easily guessed words.

Do not recycle

Avoid using the same password for all your online accounts.

Keep it fresh

If you’re worried about your password security, change it.

Pause auto-fill for forms

Turn off auto-fill and pay attention to what passwords you auto- save and auto-sign on your browser.

Check website security

Do not enter your password on an unsecure website. Check website starts with https:// instead of http:// The “s” stands for secure. 

Check connection is secure

A padlock icon in the address bar shows the site uses a secure connection. Clicking on it will provide more details about the certificate.

Upgrade from passwords to passphrases

 

It's time to move past old-school passwords. Instead, go for a passphrase. It's like a password but easier for you to remember and harder for hackers to crack. 

To create the ideal passphrase, think of a sentence or a mix of four or more words. Ideally, it needs to make up 14 characters in total.

Multi-Factor Authentication (MFA)

MFA also known as two-step authentication, is an essential extra layer of protection that needs two or more verification methods. It’s a safeguard against cyber threats, especially credential stuffing, where hackers try to use stolen passwords on multiple sites (another reason for using unique login details for each account!)

Verification methods

Protect your devices

Your devices can give hackers an open gateway to your personal information. 

Follow our advice for keeping your devices updated and secure. 

Protect your devices 

 

Contact ID Support NSW

If you believe your personal information has been stolen, used, or accessed without your knowledge or consent, our advisors can simplify the process and guide you through protecting your identity, accounts, and devices.

Contact form

Once you send us a request, we’ll do our best to reply within one business day.

Call ID Support

Call our advisors on 1800 001 040 Monday to Friday between 9am and 5pm (Sydney time).

Interpreter services are available on request.

Disclaimer: 

The information and features provided on this page serve as general awareness and education resources. We have made every effort to create a reliable tool. However, please be aware that no application or piece of software can ensure absolute security. Consult with security experts for professional advice, as needed, where appropriate.

The Password Strength Tester aims to promote improved password practices and increase awareness regarding the risks associated with using guessable, weak, or exposed passwords. ID Support NSW does not guarantee password protection, assume liability for errors, commit to updating the results, or provide a warranty for the Password Strength Tester. By using the content and tools on this page, users acknowledge and release the creators and operators of the Password Strength Tester from any associated risks. Users are advised not to copy or disclose any information without obtaining written consent from ID Support NSW.

Acknowledgements: The data source for the leaked passwords is sourced from Troy Hunt's Pwned Passwords API (https://haveibeenpwned.com).

Top of page