Coming soon to My Account...

New security features, including two-step verification, are coming soon to My Account to help protect your personal information online.

Two-step verification is your best defence against malicious attacks, data theft and unauthorised access to your account.

These added security features will help keep access to your personal information watertight, ensuring your data and privacy remain exactly that: yours.

My Account security lock image

Preparing for this change is as easy as 1, 2, 3

  1. Log in or register for My Account and go to My Details.

  2. Check your My Account email address is up to date.

  3. Check your mobile phone number is up to date.

Check your contact details in My Account 

Digital security icons

 

LEARN MORE about two-step verification 

Two-step verification is a security feature that requires you to enter a 6-digit security code, in addition to your email address and password whenever you log in to Unitywater's My Account

Two-step verification (also known as two-factor or multifactor authentication) is the modern industry standard for protecting personal details and transactions made across the internet.

When this new feature is introduced to My Account, you'll be prompted to set up two-step verification using one of the following methods as your preferred way of receiving your verification codes:

Two-step verification is mandatory for all My Account users and cannot be turned off, but your preferred verification method can be changed at any time in My Account.

You can change the delivery method for your two-step verification code (SMS, email or authenticator app) at any time by going to the My Profile menu in My Account.

An authenticator app is an application you install on your smartphone or mobile device. It generates a one-time 6-8 digit code every 30 seconds that you can use as your two-step verification code when logging in to My Account.

Authenticator apps are the most secure way to receive your verification codes, as the codes are not sent to you via the internet or mobile network (e.g. via SMS or email). This means your codes are less likely to be exposed and vulnerable to hackers and misuse. 

You can install and use any authenticator app available on the Apple store or Google Play store.

We recommend you use Google Authenticator and Microsoft Authenticator, as they are the most widely used, but we cannot provide any technical support for these third-party apps.

Find out how to set up and get help with Google Authenticator or Microsoft Authenticator.

Authenticator apps work by sharing a secret, encrypted key with My Account during the verification setup process. You do this by entering the key manually or scanning a QR code during the setup process.

This key enables My Account and your authenticator app to generate an identical set of verification codes at exactly the same time (every 30 seconds) without sending them via the internet or mobile network.

When you log in to My Account using one of these codes from your authenticator app, My Account checks to see if it is identical to the code generated in My Account. If it is an exact match, My Account knows it is you and lets you in.

Here's what you should do if your smartphone or mobile device is new, lost or stolen:

  • If you are using SMS to receive your 6-digit authentication codes and you keep the same mobile number for your replacement device, you do not need to do anything, as you will continue to receive your verification codes to this number.

  • If are using an authenticator app and your device is lost or stolen, please call our Customer Service team on 1300 086 489 8am-5pm weekdays.

  • If you are using an authenticator app and you get a new or replacement mobile device, you will need to download the app again and transfer your authenticator account to your new iPhone or Android before you wipe your old device.

If you are having issues or trouble with two-step verification or any of our new security features in My Account, please call our Customer Service team on 1300 086 489 or contact us online.

TOP TIPS for protecting your personal details

  • Don't share your My Account login email address, password and verification codes: If you have more than one person from your family or business logging in to My Account, make sure they are an authorised person (with full authority) and registered to log in with their own individual email address, password and verification codes. Also, make sure they don't pass on individual login details or codes for others to use when you are away, sick or on holidays.
  • Change your My Account password regularly: Choose a strong password that's difficult for others to guess and is different from your email password. Find out how to create a strong password.
  • Watch out for phishing emails: Unitywater will never ask you to give use your password or verification code over the phone or by email. If you receive a suspicious request for your passwords, codes and other personal information, do not reply and do not click on any links in the email or open any attachments. Learn more about phishing.
  • Report any suspicious activity: If you notice activity on your account that wasn’t you, or your My Account details have been changed without your authorisation, please call us on 1300 086 489 straight away. 
  • Keep your contact details up to date: This helps ensure your verification codes and other important security notifications always go to the right person, and we can contact you about any urgent security issues regarding your account.
  • Check out the Australian Government Cyber Security Centre's Personal Cyber Security Firsts Step Guide and Advance Steps Guide.