The UK might ban default passwords

You know how, when you buy a new router to set up a home network, it comes with a default password like 'Admin,' which you have to remember to change?

If you don't, you run the risk of having your new network breached with ease (studies have found that over 10% of default passwords are never changes).

Good news, that's a step closer to going away.

There's a move afoot by legislators in the UK that will ban such passwords, and force IoT device manufacturers to tell their customers exactly how long their products will receive security updates and note that this specifically includes smartphones.

National Cyber Security Centre had this to say

"Consumers are increasingly reliant on connected products at work and at home. The COVID-19 pandemic has only accelerated this trend and while manufacturers of these devices are improving security practices gradually, it is not yet good enough.

To protect consumers and build trust across the sector, it is vital that manufacturers take responsibility and pay attention to these proposals now."

This is fantastic news, and while there's no firm timetable on when the newly proposed law will make its way through both chambers of the UK's Parliament, there's a broad base of support for the legislation and insiders give it an excellent chance of becoming law.

My perspective

When that happens, you can bet that politicians in the rest of Europe and in the United States will begin taking a very close look at it, its effectiveness, and its potential pitfalls. Kudos to the Brits for leading the charge here. Legislation is long overdue to help shore up security where IoT devices are concerned, and this is certainly a powerful step in the right direction. We look forward to seeing the final shape and form of the law.

 

You can almost hear them say... "My name is Bond… James Bond"

 


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter

I am also a published author and speaker on cloud computing, work@home, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.

 

Contact me if you would like me to speak to your association