It usually starts with something small. A phone goes missing. A worker retires. A second hand handset changes hands in a hurry.
An employee leaves the office, but the Wi-Fi password stays the same. A mobile money PIN is the owner’s birth year.
The phone lock is the same four digits. The email password is no different. What looks like convenience is often the beginning of loss.
In cybersecurity, disaster rarely announces itself with drama. It comes quietly, through habits people repeat every day.
Too many people are still protecting their digital lives with the weakest things possible: birthdays, names, anniversaries, jersey numbers and simple number patterns.
Worse still, the same password is often reused across everything phone, email, Facebook, banking apps and mobile money.
That is not convenience. That is a chain reaction waiting to happen.
The danger is simple. If criminals discover one password, they do not stop there.
- Accident, piracy affected my career: Zembe
- Kim Jayde revels in SA award nomination
- Building narratives: Chindiya empowers girls through sports
- Public relations: Which innovations are driving PR in 2022 and beyond?
Keep Reading
They try it everywhere else. If your email password is the same as your mobile wallet PIN or online banking login, then one leak becomes many losses.
That is why cybersecurity experts now stress three basics: use long, unique passwords, use a password manager where possible, and turn on multi-factor authentication for important accounts.
This message matters even more in working environments. In many offices, passwords are treated casually.
Shared computers remain logged in. Former employees still know old access codes.
One password is passed from desk to desk until nobody remembers when it was last changed.
Then a worker resigns, retires or is dismissed and nothing changes.
That is not just poor administration. It is a security failure.
Any organisation that is serious about protecting its information must treat staff exits as a risk moment.
When someone leaves, access must be removed, passwords changed, devices checked and sensitive accounts reviewed.
A business does not become secure because it bought computers.
It becomes secure because it controls who can still enter its systems after people leave.
Then there is the mobile phone perhaps the most dangerous device to underestimate.
A phone is no longer just for calls. It is a bank card, an ID vault, an office desk, a photo album and, for many people, their entire digital life.
Inside it are passwords, messages, banking apps, contacts, personal documents and recovery codes.
Yet many people sell phones the same way they sell old shoes: quickly, casually and without checking what remains inside. That is reckless.
Before selling, donating or giving away a phone, a person should first back up needed data, remove the SIM card and memory card, sign out of accounts and then carry out a full factory reset.
Major consumer and device security guidance is clear on this point: deleting a few photos is not enough.
The device must be properly erased before it changes hands.
Buying a second hand phone also requires caution. If the device still contains the previous owner’s photos, emails, WhatsApp traces or saved accounts, that is not a lucky bonus. It is evidence of carelessness. And a careless digital history can become your future problem. No second-hand phone should be trusted with banking, mobile money or private work communication until it has been fully reset and set up afresh.
The deeper issue here is cultural. Too many people still think cybersecurity is only for banks, governments or large corporations. It is not.
It is for the vendor with a smartphone, the teacher with a salary account, the commuter with mobile money, the office worker with company email, and the family storing important documents on a device.
Good cybersecurity is not about paranoia. It is about discipline.
Do not use your year of birth as a password.
Do not recycle one PIN across your whole life. Do not sell a phone with your memories, accounts and identity still inside it.
Do not let an employee leave while your organisation continues to run on yesterday’s passwords. In the digital age, the smallest habits can create the biggest damage.
The safest people are not always the most technical. They are often the most careful.
And in cybersecurity, careful is what saves you.
*Wilfred Munyaradzi Kahlari is a cybersecurity expert, software developer and consultant at Kingwil Consultants. For feedback: [email protected] | +263 772 212 796
