An internet security expert has warned that an alarming 20% of passwords used by the different government agencies in Australia, including those used by four federal government agencies, can be easily hacked using "brute force" hacking tools.

What is more alarming, RMIT University's Dr Mark Gregory said, is that some passwords used by the prime minister's department, are also vulnerable.

Conducted by the Australian National Audit Office, the report found about 20 per cent of each agency's passwords that it tested could be compromised using a "brute force" test.

Gregory, a Senior Lecturer in Network Engineering at RMIT's School of Electrical and Computer Engineering, said he is available to comment on the issues related to "brute force" hacking and password protection.

Amongst the issues that needs to be answered were: What is "brute force" hacking?

How do you stop a "brute force" attack?

How can you identify that a "brute force" attack is occurring?

What simple measures can large and small businesses take to better protect themselves from cyber attacks?