The organisation's advice was issued on Tuesday, during Australian Privacy Awareness Week, and it also urged people to visit the dedicated website that the Office of the Australian Privacy Commissioner has created to mark the week.
"That way, if one of the sites loses your password in a data breach, an attacker can’t use that same password to access your internet banking or your email," it said.
Facebook settings should be reviewed to ensure that one was not over-sharing material, EFA said. And turning on 2FA for one's email account was recommended.
"If you forget your password on other sites, the password reset email is sent here, so if someone else manages to get into your email account, they could potentially get access to every other account you have by resetting all your passwords. 2FA makes this much, much harder to achieve," EFA said.
Lavi Lazarovitz, group research manager at security vendor CyberArk Labs, also commented about privacy week, saying it was a reminder "to take stock of the sensitive data we share online, how that data is protected, as well as what data is stored within organisations".
He warned against the dangers of biometric authentication, saying it was "becoming a more popular cyber security tool – with not only consumer device manufacturers but also many enterprise organisations exploring the use of biometric markers for authentication to safeguard sensitive data".
"However, because of the permanent nature of fingerprint, voice and face identifiers, this has opened up a new area of concern when it comes to data privacy," Lazarovitz said. "If someone steals and uses or duplicates your biometric identity, you can’t do much about it – you can’t change your face in the same way you can reset your password.
"Furthermore, the permanence of biometric authentication could easily lead some individuals and organisations to become overly confident in the technology and give up on cyber security best practices such as strong password policies and multi-factor authentication.
"Cyber attackers understand all of this and have mounted a wave of attacks targeting these identities to gather massive amounts of biometric data for future modelling purposes and nefarious use."
Lazarovitz said while biometric identifiers were an effective means of authentication, there was "still much work to be done on both the cyber security and privacy regulation fronts before organisations could adopt this futuristic authentication approach with confidence".
"While the future of traditional passwords isn’t looking bright, the stakes are much higher and the security and privacy risks are much greater when it comes to biometric authentication," he said.