MFA and Password Manager Setup for Melbourne Individuals: Make Phishing and Scams Stop Working on You

You get a text that looks like it is from your bank, or an email that looks like it is from myGov, or a message on a marketplace app that wants you to click through and “verify”. You are tired, you are on your phone, you tap the link, and you type your password into something that is not actually your bank. By the time you realise, the attacker is already inside the account — and because you reuse that password across email, super, and a couple of shopping sites, they are inside those too. MFA and Password Manager Setup from Cyber by Exegesis is the engagement designed to make that single mistake survivable for a Melbourne individual.

The problem

ACCC Scamwatch reports phishing as the most-reported scam category in Australia year after year. The messages are increasingly well-crafted: convincing logos, plausible sender addresses, urgent but believable framing. ACSC guidance for individuals is blunt about why so many of them succeed — most Australians still reuse passwords across accounts, and most still rely on SMS or no second factor at all on email, banking, and superannuation logins.

Your email account is the master key. If an attacker captures your email password through a phishing page and there is no second factor, they reset every other account you own from inside your inbox. The fix is not “be more careful” — careful people get phished too. The fix is to make a captured password insufficient on its own, and to make every account password unique so that one compromise does not cascade.

What MFA and Password Manager Setup does

Cyber by Exegesis runs a fixed-scope, hands-on engagement for an individual:

• A guided setup of a reputable password manager on your phone, laptop, and browser — with your existing passwords imported, audited for reuse, and the worst ones rotated first.
• Multi-factor authentication enabled on your highest-value accounts: primary email, banking, superannuation, myGov, work logins, and any account holding payment details. Authenticator app or hardware key where supported, in preference to SMS.
• Recovery code storage guidance — recovery codes printed and stored somewhere that survives a lost phone, without being somewhere an attacker can casually find them.
• A 30-minute walk-through of how phishing pages look in 2026 and how the password manager itself helps you spot them (it will not autofill on a lookalike domain).
• A short written summary of which accounts are now protected, which still need attention, and what to do if you lose your phone.

Cyber by Exegesis is the cyber consultancy line of Exegesis — the same company behind the DRMO live product. This engagement is preventive. We set up the controls with you in the room; you keep ownership of every account afterwards.

How it works

1. We confirm scope on a short call and ask you to list the ten or so accounts that matter most to you — the ones whose loss would actually hurt.
2. We meet for a single working session (in person in Melbourne, or remote via screen-share, your preference) with your phone and laptop in front of you.
3. We install and configure the password manager, import your existing credentials, and identify reused and weak passwords for immediate rotation.
4. We enable MFA on each priority account, preferring authenticator app or hardware key over SMS where the service allows it, and we store the recovery codes properly.
5. We leave you with the written summary, a 30-day check-in, and a clear answer to “what do I do if I lose my phone tomorrow”.

Why this matters in Melbourne

Melbourne is a large, professionally diverse city where individuals are juggling work logins, banking apps, superannuation, myGov, and a long tail of shopping and service accounts on a single phone. That is exactly the surface phishing exploits. ACSC guidance for individuals and families is clear that MFA plus a password manager is the highest-leverage pair of controls a Melbourne adult can put in place — and ACCC Scamwatch data continues to show that the people who fall hardest are not careless, they are just unprotected when one careful day goes wrong. Closing that gap now, before a message arrives, is the entire point of this engagement.

Sources

• ACCC Scamwatch (National Anti-Scam Centre): https://www.scamwatch.gov.au/
• ACSC guidance for individuals and families: https://www.cyber.gov.au/protect-yourself
• OAIC Notifiable Data Breaches scheme (relevant if a compromised account exposes data held by an organisation): https://www.oaic.gov.au/privacy/notifiable-data-breaches
• Cyber by Exegesis — MFA and Password Manager Setup (waitlist)

Join the waitlist

Join the waitlist — first access when Cyber by Exegesis opens MFA and Password Manager Setup for Melbourne individuals

We are sequencing sessions by city and by device mix (iPhone + Mac, iPhone + Windows, Android + Windows). Join the waitlist with your device mix — we will tell you when we are ready to book a session in Melbourne.