Tech that comes with weak passwords such as “admin” or “12345” will be banned in the UK under new laws dictating that all smart devices must meet minimum security standards.
Measures to protect consumers from hacking and cyber-attacks come into effect on Monday, the Department for Science, Innovation and Technology said.
It means manufacturers of phones, TVs and smart doorbells, among others, are now legally required to protect internet-connected devices against access by cybercriminals, with users prompted to change any common passwords.
Brands have to publish contact details so that bugs and issues can be reported, and must be transparent about timings of security updates.
It is hoped the new measures will help give customers confidence in buying and using products at a time when consumers and businesses have come under attack from hackers at a soaring rate.
Please let’s do the same for banking next. I’m tired of seeing maximum length limits on passwords, and SMS as the only option for 2FA.
It seems the UK’s high street banks aren’t going to upgrade or improve their aging systems unless forced.
And that maximum length is… 6 characters. S I X
I have considerably more characters than 6 at lloyds
Banking security is so bloody awful it’s insane. I just want passkey support.
Removed by mod
“password” is the third password someone would try.
That list is fascinating. abc123 is near the top, then like 10 more below that is a1b2c3, and then much further down is 123abc. What?
I guess people believe passwords that are awkward to type are somehow safer.
Some systems require your to change your password periodically. What do you change to if your existing password was ‘abc123’?
That’s genius. I’ll just assume your PIN is 1234 and let you go on your way, nothing bad will happen.
Removed by mod
One friend admitted his PIN was 0071.
Another is a rabid Everton fan and his PIN is 1878 - the year the club was founded, so he probably doesn’t change it. Worse though is that he painted his yard fence blue and wrote 1, 8, 7 and 8 on his fenceposts - I don’t know many people who’d paint their PIN a foot high somewhere visible to his neighbours. He came over once so I could help him put a route on his bike’s satnav but it needed a password. I didn’t ask, I just typed “efc1878” and got straight in. He admitted that was his password on pretty much everything. The lesson - don’t get sentimental with cyber security.
So… Every new device will now have a default password of P@ssw0rd! I guess
I’ve noticed routers in recent years have default passwords like “wristrhino040” printed on the sticker on the bottom. I suspect we’ll see more of that.
I mean the headline sounds good, but I don’t trust this government not to actually make things worse somehow
(and I can’t be arsed to read the article to find out how)Yeah. I’m sure the Chinese manufacturers will get on to this right after faking the CE markings. Any second now…
Fuck.
That’s way too short. You’ll definitely need a better password than that.
Why? Unless you like breaking into other people’s devices, this is good news.
Does that include cheap Bluetooth devices that need a password and use 0000?
Probably internet stuff. Bluetooth isn’t internet