Is someone checking your browsing?
This website will appear in your browser history. If you're concerned someone may be monitoring your internet use, consider using a trusted friend's device, a library computer, or your browser's private/incognito mode. You can press Quick Exit or hit Escape at any time to leave this site quickly.
Learn more about staying safe online
⚠
If you suspect someone has your passwords, changing them may alert them. Plan which accounts to secure first and change them from a safe device.
Stealing Your Passwords
Someone gets hold of your passwords — by watching you type them, guessing them, finding them written down, or using tools that capture what you type.
What You Might Notice
Account settings have changed without your input
Profile information, recovery emails, or security questions have been altered.
You receive password reset notifications you didn't request
Someone may be attempting to access or test your accounts.
The other person logs into your accounts or references private account content
They mention emails, messages, or information only accessible through your accounts.
What You Can Do
Change passwords from a device the other person hasn't accessed
Use a trusted friend's device or a library computer.
Don't change passwords on a device that might have monitoring software.
Use unique, strong passwords for every account
A password manager can help you create and remember complex passwords.
Enable two-factor authentication
This adds a second step (like a code sent to your phone) when logging in.
Make sure the second factor goes to a device only you control.
Important: This resource provides general information, not personal advice. Every situation is different. The actions suggested here may not be safe in your specific circumstances — particularly if the person causing harm could notice changes to your devices or accounts. Always consider your physical safety first.
If you need personalised support, contact 1800RESPECT (1800 737 732) or your local specialist domestic violence service. If you are in immediate danger, call 000.
Obtaining victim's passwords, PINs, or authentication credentials through shoulder surfing, guessing based on personal knowledge, social engineering, checking common password patterns, or accessing written password records. Intimate partners often have enough personal knowledge to guess passwords or know where credentials are stored.
Password Manager Deployment Use password manager with strong master password. Generate unique passwords for all accounts.
SAFE-M-0037
Multi-Factor Authentication Enable MFA on all accounts using authenticator app on secure device.
SAFE-M-0038
Credential Entry Security Use privacy screens. Avoid password entry where adversary can observe.
SAFE-M-0039
Post-Separation Credential Reset Change all passwords after separation, starting with email accounts.
Detection Indicators
ID
Detection Indicator
SAFE-D-0035
Unauthorised Access Alerts Login notifications from unrecognised devices or locations.
SAFE-D-0036
Account Lockout Events Unable to access accounts with previously valid credentials.
SAFE-D-0037
Account Content Knowledge Adversary demonstrates knowledge of account-specific content.
The TFA Matrix is a research framework under active development. Technique classifications, detection methods, and mitigations reflect current understanding and are subject to revision. This framework does not constitute forensic methodology, legal evidence standards, or clinical diagnostic criteria. Practitioners should apply professional judgement appropriate to their discipline and jurisdiction.