
You'll need to start using multi-factor authentication (MFA) to access your account soon. Learn more.
Here’s what you can expect from us
Keeping your account safe is our priority. Did you know that each time you log in, we automatically check the strength and security of your password against our databases of common and known breached passwords? If the password you entered appears in this list, we won't allow you to log in until you update to a secure password.
How login details can be compromised
Every year, billions of login details from hundreds of websites are stolen by criminals in cyberattacks. These stolen email addresses and passwords are then exposed on internet forums or sold on dark web marketplaces, where cyber criminals pay to gain access to your sensitive data and online accounts.
Latest security news and alerts
5 ways you can protect your online access
Keep your password strong and unique
Use a strong password or pass-phrase for your account – and don’t reuse the same password for anything else. Consider using a password management tool to generate and store your secure passwords.
Cyber criminals are using techniques such as credential stuffing. This is where the same login credentials that have appeared in a data breach (and been used by a person across multiple sites) are being used to gain access to their accounts.
Keep it secret!
Always keep your account login details secret and don’t share these with anyone. We'll never ask you for your password.
If you need to reset your password, you can change it quickly online.
Be email aware
Email accounts are often targeted by scammers, so make sure your personal email account is secured with a unique and strong password. If cyber criminals get access to your email account, they could potentially impersonate you and compromise your other online accounts.
Also, keep your email inbox and sent items tidy. You should regularly delete emails, including sent emails. They're an often-forgotten area that hackers target.
“People check and delete emails from their inbox but can often overlook what has been sent. It’s not just about keeping your super safe, it is about keeping your identity safe.”
Australian Retirement Trust, Financial Crimes Operations
Regularly check third party authorities
Third-party and personal authority requests can be loaded onto your account. An example of a third-party authority may be your partner, or your financial adviser.
Make sure you regularly review these requests. And have them removed from your account when circumstances change. This could include when there's a relationship breakdown or when you change your financial adviser.

We’re serious about keeping your super safe and have security in place to protect your accounts. Find out more about password security and, how you can stay safe online, and contact us if you have any concerns.
By working together, we can reduce the likelihood of fraud and help protect your super.