Online safety & security

Your VU login is your digital identity. It gives you access to your classes, assessments, personal details and university systems. Sharing your login — even once — puts all of this at risk.

“Assignment help” or cheating websites/services often ask for your VU username and password (login credentials). Once shared, you lose control over how your account is used. Similarly, Artificial Intelligence (AI) tools that ask for your VU login could put you at risk.

When you share your VU login, others can access far more than your assessments.

This can lead to:

• Identity theft, financial fraud or misuse of your personal information.
• Someone accessing your address or contact details, putting your personal or family's safety at risk.
• Your account being used to scam or harass other students in your name.
• Being locked out of your VU account if your password is changed, causing stress and disruption during assessments or exams.
• Extortion, where you’re asked to pay to regain access.
• Academic Integrity investigations, even if you didn’t mean to break the rules.
• Risksto your visa if your identity is misused for work or enrolment activity.

What feels like a quick solution can turn into long-term academic, financial and personal consequences. Your VU login should only ever be used by you.

Never share your username or password with:

• Assignment help services
• AI or tutoring tools/websites that request login access
• Family, friends, classmates or anyone online

Keep your VU credentials locked up, so that you don’t get locked out!

Passwords are the key to your online life. Follow these steps to improve your digital safety and reduce the risk of hackers getting in your accounts.

• Upgrade to passphrases, the stronger version of passwords. Passwords are now outdated and not secure enough.
• A passphrase is a few random words —  easy to remember, but hard to guess.
  • E.g., “Red Rabbit Takes 5 Hops” is easier to remember and is stronger than “D0nt#Op3n!”.
• Make your passphrases 14 or more characters and unique, so they stay hack-proof.
• Create a different passphrase for every account. Reusing passphrases leaves you vulnerable to easy attacks and data breaches.
• Practise making passphrases and test how strong they are at Service Victoria - Password Strength Tester.
• Never share your passwords/passphrases or login details with anyone or with AI tools.
• Use a password manager to securely store and generate passphrases for you. Avoid browser-based password manager tools.

Download Dashlane password manager

Victoria University has partnered with Dashlane to give all students a free premium password manager for study, work and personal life.

Dashlane lets you generate and save unique passphrases, log in quicker, and study or work more flexibly.

Dashlane stores your passwords/passphrases and keeps them up-to-date across your phone, computers, tablets and other devices (including personally owned devices).

• Students - Set up your free account today
• Staff - Access Dashlane Premium for free (VU login required)

Login credentials, like usernames and passwords, can be exposed in data breaches, stolen, or guessed (like if you reuse a password). Multi-factor authentication (MFA) adds an extra step to give you a chance to stop hackers from logging in to your accounts.

When accessing banking, shopping, utilities and other online services, you've probably had to receive a code via SMS, one-time PIN, or approve a notification, to prove that it’s really you trying to sign in — that’s MFA. Using an Authenticator App or biometrics (fingerprint, FaceID, etc) is one of the strongest recommended types of MFA.

When logging in to VU systems, MFA will prompt you to verify your identity via your smartphone or tablet. This prompt is known as an MFA challenge. It helps keep cybercriminals out of your account and personal information. Check VU's MFA page for more information.

Turn on MFA for all your personal accounts to better protect them from cybercriminals. You can follow the easy steps in The Australian Government guide Protect yourself: multi-factor authentication (PDF), which includes common apps and services that have MFA.

Learn more about MFA

Passkeys are a faster and more secure way to log in to your online accounts than using passwords.

Using a passkey, no password/passphrase is required. Passkeys work like having two different keys to unlock a door. One key is kept by the provider of your account, while the other key is stored on your device (smartphone, tablet, laptop or physical security device).

Students get a free Dashlane Premium password manager account, which can be used to securely store passkeys, along with passwords/passphrases and other valuable information.

Find out more about the benefits of passkeys and setting them up

When accessing websites, games, shopping, and downloads online, follow these tips for safer browsing.

• Keep your web browser up-to-date
  • Updates fix security weaknesses and improve protection against malicious websites.
• Be cautious when clicking links that ask you to log in or provide personal details
  • Links in emails or messages can lead to fake login pages designed to steal your username and password. For peace of mind, open the website yourself using bookmarks or a trusted search engine.
• Check the exact web address carefully
  • Look for small tricks such as misspellings, extra words, numbers, or characters replacing letters. These can be signs of a fake, look‑alike website.
• Watch for unusual website behaviour
  • Be wary of pop-ups that demand urgent action, claim your device is infected or promote too-good-to-be-true offers.
• Only download files from trustworthy sources
  • Avoid unverified websites so you don't get a virus or malware designed to spy on or extort you, or damage your device.
• Review and carefully check permissions for apps you download
  • Even in popular app stores, downloads can contain info stealer malware that logs your keystrokes and online activity on a mobile device or computer, sending them to cyber-criminals.

• Illegal downloading, streaming, file sharing, and publishing, breach copyright and can result in disciplinary actions, fines or worse.
• Unauthorised uploading and downloading of copyrighted works is a crime.

Files in emails and on USBs could be accessed or stolen by cybercriminals. You should encrypt sensitive information, like your personal data, financial, identification, visa or medical documents, to keep them private and safe.

• Use a zip tool, such as WinZip, to encrypt your files with a secure passphrase before sharing digitally.
• Use cloud storage, such as OneDrive to share a link with specific recipients only and set an access expiry date.
• If you share a passphrase protected file and need to share the passphrase, use a different channel so it is not in the same message or email as the file.
• Use end-to-end encrypted (E2EE) services for communication to protect your privacy and reduce the risk of cybercriminal interception.
  • E.g., WhatsApp, Signal, Telegram, iMessage, Proton Mail
• Enable hard disk encryption for your computer so the data cannot be retrieved if it is lost or stolen. Find out more:
  • The Australian Government - Personal cyber security: Advanced steps guide
  • Microsoft Support - Encrypted hard drives
• Use encryption or confidential mode when sending emails for better security and privacy. Find out more:
  • Learn about securing and protecting email messages in Outlook
  • Learn how to toggle Confidential Mode in Gmail

If you have no lock screen set on your device and it’s stolen, or lost, the thief would have access to a lot of your life.

Putting a PIN on your device (or fingerprint scan, or facial recognition if available) and turning on 'Find my device' (if you have this option) are a couple ways to protect your device and your personal information.

• Steps to set up lock screen for iPhone.
• Steps to set up lock screen for Android.

The only sure way to make sure your files stay safe from viruses, device theft, or devices getting old and failing to turn on, is backups.

• If you get a virus, it’s very likely you could lose all of the files on your computer forever, which is why it’s important to have a copy of your files and photos.
• Back up your files to an external hard drive, put a password on it, and store it securely.
• Back up your files to a cloud service (like OneDrive, Google Drive, iCloud, Dropbox, etc) for convenience of access and easy access when moving to a new device or refreshing your current device.

• Keep your devices up to date to help prevent virus infections on your devices.
• Delete any apps and software you no longer use.
• Review your phone apps permissions to ensure they only have access to what you’re comfortable accessing, e.g. a calculator app shouldn’t need access to your contacts and camera.

Install a reputable anti-virus software to help protect your devices, and keep the anti-virus up to date.

Public WiFi hotspots in cafes, airports, hotels, and libraries can be risky.

Connect with care by taking the following steps.

• Limit access to sensitive accounts such as banking or medical records.
• When using a laptop, identify that it is a ‘public’ network if prompted, and don’t share folders or devices with others on the network.
• Use a VPN – there is not much stopping a hacker from pretending to be a public WiFi and then spying on you if you connect; using a VPN can greatly protect you from this. You should have the VPN turned on before you connect to the free WiFi.