Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

UK first country to outlaw easily guessable default passwords

TechSpot: “Why it matters: No matter how many hacks we see that are perpetrated via unchanged, weak default passwords on devices, manufacturers continue to use the likes of “password” and “admin” for login credentials. That’s no longer going to be the case in the UK, which has become the first country in the world to ban makers from using easily guessable default credentials on connected devices. An update to the UK’s Product Security and Telecommunications Infrastructure Act (PSTI) states that every device with online connectivity must either ship with a randomized password or generate a password upon initialization. According to the requirements, pre-installed passwords cannot be incremental (password1, password2) and cannot be related in an obvious way to public information such as MAC addresses or Wi-Fi SSIDs…”

Sorry, comments are closed for this post.