TechSpot: “Why it matters: No matter how many hacks we see that are perpetrated via unchanged, weak default passwords on devices, manufacturers continue to use the likes of “password” and “admin” for login credentials. That’s no longer going to be the case in the UK, which has become the first country in the world to ban makers from using easily guessable default credentials on connected devices. An update to the UK’s Product Security and Telecommunications Infrastructure Act (PSTI) states that every device with online connectivity must either ship with a randomized password or generate a password upon initialization. According to the requirements, pre-installed passwords cannot be incremental (password1, password2) and cannot be related in an obvious way to public information such as MAC addresses or Wi-Fi SSIDs…”