MFA and Password Manager Setup for Brisbane Families: Shut the Door on Phishing Before It Reaches Your Bank, Your Super, or Your Kids

Your mum forwards you a text that looks like it came from Australia Post — there’s a missed parcel, click to reschedule. Your teenager has the same password on Instagram, Roblox, and the Gmail account they use for school. You reuse one “good” password across your bank, your super fund, and a dozen old shopping sites, half of which have probably been breached. Then a message arrives that looks exactly like one of those sites, and someone in your household clicks it. MFA and Password Manager Setup from Cyber by Exegesis is the hands-on engagement that hardens a Brisbane family’s accounts before that click happens.

The problem

ACCC Scamwatch consistently reports phishing as the top scam category by volume in Australia, and the ACSC’s guidance for individuals and families is unambiguous: the two highest-leverage controls a household can put in place are multi-factor authentication on important accounts and a password manager so every account has a unique, long password. Almost no Australian family has both, properly, across every adult and child in the house.

The gap is usually not unwillingness. It’s that turning on MFA across email, banking, super, MyGov, work logins, and the kids’ accounts — and then storing recovery codes somewhere you can actually find them in 18 months — is a fiddly afternoon’s work that nobody schedules. Meanwhile the phishing message that defeats the household isn’t sophisticated. It’s a text that looks like Linkt, a fake MyGov login page, or a “your package is held at customs” SMS that targets an older relative who doesn’t want to bother you.

What MFA and Password Manager Setup does

Cyber by Exegesis runs a fixed-scope, hands-on engagement for a single household:

• A short inventory of the household’s important accounts — email, banking, super, MyGov, work logins, and the kids’ main accounts — so we know what we are protecting.
• Password manager installation across every adult’s phone and laptop, with vault structure set up so partners can share what they need to share and keep separate what they need to keep separate.
• MFA turned on across every important account, using app-based codes (or hardware keys where appropriate) rather than SMS where the account supports it.
• Recovery code storage guidance — printed, stored physically, and labelled so a partner or executor can find them. This is the step almost every DIY setup skips.
• A 30-minute sit-down with older relatives or teenagers in the household on how to recognise the phishing patterns ACCC Scamwatch publishes, and what to do (and not do) if they think they’ve clicked.
• A short written summary of what was set up, what wasn’t, and what to revisit in 12 months.

Cyber by Exegesis is the cyber consultancy line of Exegesis — the same company behind DRMO. Our scope here is preventive hardening for one household. We’re not your IT support and we’re not chasing scammers after the fact; we set the controls and step back.

How it works

1. We confirm scope on a short call and ask you to list the household members and the accounts that matter most to each of them.
2. We come to you (or run a guided remote session) for two to three hours with everyone’s primary devices present.
3. We install and configure the password manager, import existing saved passwords, and replace the worst reused ones first.
4. We enable MFA on the priority accounts together — you keep the credentials, we keep none of them — and print the recovery codes for safe storage.
5. We run the short scam-recognition conversation with the household members most exposed, and leave you with the written summary.

Why this matters in Brisbane

Brisbane households sit inside the same national phishing pattern ACCC Scamwatch tracks every quarter — fake Australia Post, fake Linkt, fake MyGov, fake bank fraud-team calls — and Queensland regulators and consumer groups have flagged repeatedly that older Australians and culturally diverse households are over-targeted. A Brisbane family that turns on MFA across the accounts that hold real money (bank, super, MyGov) and runs every password through a manager has closed the two doors phishing relies on, even when the click happens. The eSafety Commissioner’s guidance for parents pairs naturally with this work: account security for the adults, and a conversation with the kids about what they share.

Sources

• ACSC guidance for individuals and families: https://www.cyber.gov.au/protect-yourself
• ACCC Scamwatch (National Anti-Scam Centre): https://www.scamwatch.gov.au/
• eSafety Commissioner: https://www.esafety.gov.au/
• OAIC Notifiable Data Breaches scheme (relevant when a breached service notifies your household): https://www.oaic.gov.au/privacy/notifiable-data-breaches
• Cyber by Exegesis — MFA and Password Manager Setup (waitlist)

Join the waitlist

Join the waitlist — first access when Cyber by Exegesis opens MFA and Password Manager Setup for Brisbane families

We are sequencing household engagements by location and by household size. Join the waitlist with your suburb and the number of adults and children in the home — we’ll tell you when we are ready to book a session with your family.