One of the main problems for many users in terms of security is the use of static passwords on newer devices. When purchasing a wireless router or camera, these products often have admin areas that require login data.
By default, most manufacturers implement the same default passwords for all devices in the same range. However, this opens the door to a problem.
Many users end up keeping what came from the factory without changing these default passwords. That is, if the attacker has control of the device, and the login data on the device has not changed, he can log in quickly.
However, A recent law It can be changed if passed in the UK. The new law passed today will prevent manufacturers from integrating “standard” passwords with their products – such as “admin” and “password”. Manufacturers must integrate and provide random passwords to the customer – or provide them with a way to create their own passwords directly.
In addition, manufacturers must notify consumers directly about future updates expected for a particular product. If this does not apply or there is no guarantee of updates, consumers should be aware of this.
The main purpose of this law is to ensure greater security for IoT devices, bypassing their traditional default passwords and following a more secure method.
Manufacturers who fail to comply with the new law could face fines of up to $ 10 million or 4% of the company’s total revenue.