Skip to main content

Cyber-crime is a growing threat to legal practitioners and their clients. Although no-one is ever immune, there are tools you can use to help protect your data. Multi-factor authentication is readily available, easy to set up and gives you an extra layer of security.

Multi-factor authentication is one of the most effective ways you can prevent cyber-criminals from gaining access to your firm’s systems and your clients’ confidential information. Multi-factor authentication is readily available, easy to set up and gives you an extra layer of security if your password is stolen (including where it is fraudulently obtained by phishing and social engineering).

When you enter a username and password to access online accounts, that is classed as single-factor authentication. Your password is the only security credential (authenticating factor) that verifies you are who you say you are.

Single-factor authentication is unsafe. Usernames are often email addresses which may be publicly available or easily guessed and once cyber criminals have that, they can try to obtain your password by:

  • experimenting with commonly used passwords or guessing a weak password
  • sending you a phishing email which tricks you into clicking on a link and entering your password on a webpage
  • taking advantage of a data breach on the relevant website or another website where you have used the same password.

Multi-factor authentication is a much safer option. It means using two or more authenticating factors, which can be two or more of the following:

  • something you know – e.g. a password, personal identification number (PIN) or response to a question
  • something you have – e.g. a mobile phone app, SMS code or physical token such a one-time PIN token
  • something you are (physically) – e.g. a fingerprint or iris scan.

Cyber criminals continue to target software programs, as well as personal email and social media accounts which can be used for social engineering purposes. Multi-factor authentication is available on Office 365 as well as most popular email and social media platforms including LinkedIn, Facebook, Instagram, Gmail, Microsoft/Outlook Mail and iCloud. A search of the platform security and privacy settings will reveal simple steps to set it up. Options to use SMS alerts are an especially useful authentication factor because they also warn you if someone tries to log in to your account.

Multi-factor authentication should be the minimum security standard for all your online accounts and it’s probably easier to turn on and use than you think.

More on multifactor authentication

All Resources
LPLC Articles

Enable multifactor authentication – a simple thing that could save you

Cyber security 26 Oct 20

This article, produced for Australian Cyber Week 2020, covers the basics of multi-factor authentication and why it should be implemented in every Australian law firm.

Learn more
Practice Risk Guides

Cyber Security Guide for Lawyers

Cyber security 12 Apr 24

LPLC has produced a guide full of practical information to help lawyers be cybersafe. The guide outlines 5 key areas of focus and explains why each is important to be included in cybersafe strategies for law practices. For each key area the guide provides a checklist of practical steps to take to secure any legal practice.

Learn more
LPLC Articles

Cyber strikes again – how one small firm got hit

Cyber security 25 Oct 19

Cyber-attacks are on the rise in the legal profession and all sized firms are at risk. We have been notified of several instances of spam attacks, phishing emails and ransom attacks on law firms in the past six months.

Learn more
All Resources

Latest News & Alerts

All News & Alerts
News

Joint statement on behalf of the Victorian legal profession on the tragic events at Bondi Beach

Where to get help 15 Dec 25

We are united in our shock and sorrow following the horrific attacks that took place at Bondi Beach yesterday evening.

Our thoughts are with the victims, their families and all those who have been tragically affected by this abhorrent violence. This has particularly impacted the Jewish community of Sydney and across Australia, a community that is an integral and cherished part of our multicultural society.

We stand in solidarity with the Jewish community and all who have been affected by this senseless violence. Everyone has the right to safety, security and freedom from fear.

We condemn these acts of antisemitism, extremism and violence in the strongest possible terms. We reaffirm our commitment to the rule of law, which underpins the safety and security of all in Australia.

We are united in our resolve that such acts of violence and hate will not undermine the values of inclusion and fundamental freedoms, including of religion and other rights, which define our community.

Learn more
News

Holiday Closure Periods

10 Dec 25

As the year draws to a close, we would like to thank our insured practitioners and stakeholders for their continued trust and engagement. We appreciate the important work you do and the role we play in supporting you throughout the year.

Learn more
News

LPLC Annual Report 2024-2025

17 Nov 25

The LPLC is proud to present the Annual Report for 2024-2025. This high was tabled in the Victorian Parliament on 12th of November 2025.

Learn more
All News & Alerts
TOP