A European country has just passed a law to better secure connected devices. Manufacturers can no longer leave them protected by weak passwords.
By dint of repeating them, rules for creating a secure password resemble those lessons that one could repeat by heart without thinking when one was a schoolboy. First make sure it is long enough, at least 12 characters, or even 16. But length is not everything, so you must use lower and upper case letters, numbers and special symbols when they are allowed. Finally, do not use the same password for two different online services. This limits the risk of massive hacking when one of them is compromised.
But even if more and more people are aware of these principles, this does not prevent us from regularly finding the classics “azertyuiop” and “123456” among the worst passwords in existence. Many sites refuse to allow us to use them by imposing certain conditions, however this is not the case for the majority of our connected devices which often arrive with very weak pre-recorded sesames like “0000” or “admin”. A European country wants to remedy this with a radical method: passing a law which prohibits manufacturers from using it.
Weak passwords are now banned on connected devices in this country
It is in the United Kingdom that the text in question came into force this Monday, April 29, 2024. It requires manufacturers of connected TVs, smartphones and even smart doorbells of no longer leave weak passwords on their devices. Users who seek to validate one will be asked to change it. But that’s not all: the new law also requires companies to clearly indicate their contact information to allow the reporting of possible bugs, while displaying when and how long they plan to deploy security updates.
Jonathan Berry, Minister of Science and Technology of the United Kingdom, welcomes this, while displaying his ambitions for the country. “Starting today, consumers will have greater peace of mind knowing that their smart devices are protected against cybercriminals, thanks to the introduction of world-first laws that will ensure the security of their privacy, their data and finances. We are committed to making the UK the safest place in the world to be online and these new regulations mark a significant step towards a more secure digital world“. This is indeed the case, pending the generalization of passeskeys.
Source: The Guardian