How to manage your digital safety settings
Make the most of the security features available on your devices and when you connect online, and build good habits to keep yourself safe.
Basic online safety tips
These are some safety tips for when you get a new device (including phones, tablets, laptops and computers), or download an app, or go on a website.
- Look closely at user agreements, terms and conditions, and disclaimers.
- Check your settings. See whether use of the device, app or website involves any security, privacy or cookie policies or third-party information sharing. These settings are usually located under a wheel symbol or configuration menu with a set of three vertical dots. It is a good idea to check your privacy settings regularly, as new device and software updates sometimes involve new features or changes to default privacy settings. Take a look at The eSafety Guide for advice on privacy settings and how to keep your data safe across different apps, games, social media and other online platforms and services.
- Enter only required information and ignore optional information requests when completing online forms. Required (or ‘mandatory’) information is usually marked with an asterisk (*).
- Log out of sites as soon as you have finished using them, instead of just closing the tab or browser.
- Avoid signing in with your social media accounts. When you use your social media account to sign into other apps or online accounts you are often agreeing that this website is allowed to have access to all the information you share in your other account.
- Stay alert for scam emails and cyber attacks.
- A typical attack is an email that says your password has expired or your account is being updated – the email will direct you to enter your security details or sensitive information on a fake web page that’s probably been branded with real-looking logos, such as from a bank, Microsoft or another service provider.
- Also watch out for courier messages, ‘prizes’, urgent requests, offers too good to be true, and warnings that you must provide security information if you don’t want to get into trouble – they are often scams.
- Never provide sensitive security information via email.
- Find out more about how to avoid online scams and how to protect yourself from identity theft.
- Do not click on links or attachments you were not expecting. Even if the message looks like it has been sent to you by a friend or known organisation, don’t trust it – you could end up with a virus, spyware or malware on your computer or device that compromises its security. Check the address carefully – if even one letter is different to the real address it’s likely to be a scam. On phones you can’t hover over links or addresses to see their true destination, so be extra cautious.
- Don’t use ‘free’ public wi-fi to access your online accounts or send or check private or sensitive information – they can be hacked easily. See more in Connecting to wi-fi.
- Update your device. Always keep your device’s operating system and apps up to date so you have the latest security features and bug fixes.
- Protect your devices against viruses, malware and spyware. There are apps you can download to reduce the risks.
- Back up any important music, photos, videos and data regularly, in case it’s deleted by mistake or in a cyber attack.
- Use secure sites. Those with ‘https://’ in the website address and a locked padlock icon in the browser secure your information ‘in transit’ when it’s communicated across the internet.
- Research customer satisfaction websites and Scamwatch before buying from a site for the first time.
- Turn off, clear or delete cookies. If you want to reduce advertisers’ ability to target their ads based on your browsing history, you can turn off or delete the cookies that track the sites you visit online. You can do this manually at the end of a session using the settings, preferences or tools menu, or you can configure your browser to do it automatically.
- If you need to make sure your actions cannot be tracked online because you have an abusive partner or ex-partner, you can find tips for limiting location tracking in the Domestic, family and sexual violence checklist.
Passwords and passphrases
- Set up strong passphrases and multi-factor authentication to secure important accounts, like those with financial information or health records. See our identity theft page about protecting your personally identifiable information.
- Do not choose the same password or passphrase for multiple devices, accounts or apps.
- Do not share passwords. Treat passwords and access codes for your devices like codes for your bank accounts – never share them with anyone.
- Avoid saving passwords in your browser. This may be convenient, but it also means that anyone who has access to your computer or device can access your online accounts, such as bank, social media and email accounts.
Connecting to wi-fi
- Adjust your settings so your devices don’t automatically connect to wi-fi networks unless you know they can be trusted – sometimes ‘free’ wi-fi or networks you have previously connected to are not secure.
- Don’t use ‘free’ or public wi-fi to send or check private or sensitive information. These are easily hacked to steal your data or take control of your accounts when you log in. Also, anyone can set up a fake network in the name of a trusted business or provider to trick people to connect (this is sometimes called a ‘pineapple’ network).
- Use your mobile 3G/4G/5G data in public places. Mobile data is widely available and affordable, even when overseas, or you can consider using a local SIM while you’re travelling.
- Create a new password or passphrase when setting up your home wi-fi network. The first step is to change the default password that comes with your wi-fi modem or access point and then connect all your devices with the new password. See our advice on setting strong passwords.
- Make sure you have a secure home wi-fi network. Your home wi-fi network is secure if a locked padlock appears against its name in the list of networks in your device settings.
- Avoid sharing the password to your home wi-fi network. You may be held responsible for the excess usage charges or the nature of the content of internet browsing activities for other users connected to your network. If you suspect neighbours or other unauthorised users on your wi-fi network, go back to the first step and reset your wi-fi password on your modem or access point. Update your devices with the new password.
Bluetooth, GPS and location services
- Set up strong security settings on your bluetooth devices. Do not keep the default settings, particularly the default device name and password.
- Unlink any unknown devices. Make sure any bluetooth device is only paired with devices you know and can control, including for wearables like fitness trackers. If you have an in-car bluetooth navigation system, make sure only known devices are paired with the car. This is for security, but leaving bluetooth on can also use a lot of battery power.
- If a bluetooth device is lost or stolen remove the device from the devices list on the phone, computer or other device that you usually pair it with.
- If using Airdrop on Apple devices to share content such as photos and videos with others, only accept invitations to share from people you know. You can turn off Airdrop receiving entirely or limit it to contacts only.
- Avoid using bluetooth, GPS and location apps except when you need them – you can usually change the settings so they only connect while you are actually using the relevant app. If privacy or safety is a concern, don’t opt in to location sharing with friends or other contacts. If you can’t turn off the location function on an app, it may be better to delete it.
- Be careful about the data you share with ride-sharing services. Turn off location services once you have completed your ride, and where possible do not use sign-in from your social media accounts.
- Delete trip history. If you have a navigation device in your car, delete your trip history regularly. Do not set your actual home address as ‘home’ – instead, type the address in manually or set ‘home’ as a location a few blocks away from your home. That way, if someone breaks into your car, they will not be able to find out where you live.
- Clear your paired devices when car sharing. If you need to connect your smartphone to a car share or rental car, make sure to remove it from the paired devices list before you return the car.
Device safety tips
- Keep your devices locked so only you can use them and access your apps and accounts. Where available, set fingerprint or face ID biometric security, and consider encrypting any backups.
- Consider installing a mobile security app on your device to scan for viruses, malware and spyware. Android systems are at a greater risk from these threats than Apple devices.
- If you’re using a work device make sure the firewall is turned on – this prevents unauthorised access to private networks.
- Log out of apps when you finish using them, don’t just close the screen – this is especially important for financial apps.
- Remove or delete apps that you no longer use.
- Consider covering your device cameras for extra security. It’s unlikely the camera can be turned on without your consent, but it is possible. Consider covering the front and back camera of your phone or tablet with some removable non-transparent tape when you are not using it, or put it away in a case. Tape can also be a good option for in-built computer cameras or separate webcams. Some laptops have a slider to block the camera, or you can close the cover when you’re not using it.
- Manage in-app purchasing to avoid unexpected costs. Turn it off altogether, or set passwords and restrict purchases (especially to age appropriate content if you manage a child’s device). To do this on Apple devices follow this advice on how to prevent in-app purchases. On Android devices, update your settings so that authentication is required for in-app purchases.
More tips and how-to videos on phones and tablets.
More tips and how-to videos on laptops and computer.
- Manage devices such as smart watches, fitness trackers and personal medical devices even when they are not in use. When you take them off, store them in a safe place where no one else can access them and change your settings.
- Know what personal information you are sharing. Only link data about your personal challenges and exercise habits with trusted friends.
- If you use a wearable device provided by the organisation you work for, ask about the type of information they collect. Some organisations require access to an employee’s devices so that they can track work locations.
More tips and how-to videos on wearables.
You can use the cloud to access apps and online accounts and store a range of content including your contacts, emails, messages, videos, documents, music and photos.
- Use strong passwords and passphrases, and do not share them with anyone. Make sure they are different for each app, site or account. See our advice on setting strong passwords.
- Add multi-factor authentication where possible – see our advice on identity theft for more information.
- Consider hiding the location of your devices by switching off location-based services, and decide whether or not you want photos and documents to be geotagged with your location.
- Regularly review your privacy and security settings to check they are best for your situation.
- Update security on shared accounts if your personal circumstances change. For example, if a relationship ends you may need to close a shared or ‘family’ account, or limit the access and set new passwords or passphrases. Think about who may have access to your document files and photo albums and whether they could share that content without your consent.