mySAGOV account security

Stay smart online. Read this page on how you can protect your account.

Password security

Create a strong and unique password that you'll remember

We've updated our password requirements. If your password doesn't meet the new complexity requirements, you'll be asked to create a stronger password next time you log in.

A strong password is an important part of keeping your information safe online.

When creating a new password, make sure to include at least:

• 8 characters
• uppercase and lowercase letters
• numbers
• symbols like $, @, %.

Avoid using:

• personal information that others may know or that would be easy for others to find out - eg your name, birthday, name of your pet
• common words like 'password' or phrases like 'mypassword'.

Don't use the same password for different online accounts

If the same password is used for multiple accounts and your password is compromised during a breach of one of your accounts, you are at greater risk of being hacked. We strongly recommend you use a unique password for every account.

As a security measure, we use a password verification service to check if your password has been compromised. If mySAGOV detects your password may have been compromised, you will be asked to choose another password when creating a new account or the next time you log in.

Store your password safely

• Don't write passwords down. Consider using a password manager.
• Do not share your password or verification code with anyone. Service SA will never ask you to disclose this information.

Two-factor authentication (2FA)

SMS two-factor authentication (2FA) is now available for mySAGOV. You can set up 2FA by logging in to your mySAGOV account:
My account > Set up two-factor authentication.

Two-factor authentication (2FA) adds an extra layer of security to online accounts.

Better security for you

By enabling 2FA on your mySAGOV account, you are increasing your online security. This means that even if someone has access to your account log in information, your account will remain secure.

How does two-factor authentication work?

Every time you log in to your mySAGOV account, you'll need to enter your password, and you'll be prompted to enter a verification code that is sent to you.

You can choose how you'd like to receive your verification code.

Two-factor authentication can be set up when first creating a mySAGOV account or while logged in as an existing account holder.

Choose your preferred verification method

1. Log in to your mySAGOV account
2. Select 'My account'
3. Select 'Set up two-factor authentication' under Account details
4. Select 'Text message (SMS)' as your preferred verification method
5. Enter your mobile number. This must be a valid Australian mobile number containing 10 digits and beginning with 04 or 05.
6. Enter the 6-digit verification code sent to your mobile number.

1. Log in to your mySAGOV account
2. Select 'My account'
3. Select 'Set up two-factor authentication' under Account details
4. Select 'Authenticator app' as your preferred verification method
5. If you haven't already done so, install an authenticator app of your choice, such as Google Authenticator or Microsoft Authenticator onto your device
6. Open the authenticator app and scan the QR code
7. Enter the 6-digit verification code you see in your authenticator app.

Need help?