New UK law will hit smart home device makers with big fines for using default passwords

New UK law will hit smart home device makers with big fines for using default passwords

The UK has introduced the Product Security and Telecommunications Infrastructure (PSTI) Bill, a suite of new regulations designed to improve security on smart home devices, the government announced. The rules will ban easy-to-guess default passwords, require disclosure of security update release dates and more — under penalty of hefty fines. The new rules were originally proposed last year, following a long period of consultation, and are largely unchanged. The first one is a ban on easy-to-guess default passwords, including classics like "password" and "admin." All passwords that come with new devices will "need to be unique and not resettable to any universal factory setting," the law states. "Most of us assume if a product is for sale, it’s safe and secure. Yet many are not, putting too many of us …
More on: www.engadget.com