in News2021

A bill banning the use of easy-to-guess initial passwords such as “password” has been submitted-UK

1.9k Views

Image about security

 
As the number of digital devices in the world increases, so does the number of cyber attacks on them.
 
In the United Kingdom, a bill has been submitted to Congress to ban the use of easy-to-guess initial passwords and to inform users of availability of security patches and updates to improve security.

Do not use easy-to-guess initial passwords such as “password” and “admin”

A bill submitted to the British Parliament is called the “Product Security and Telecommunications Infrastructure (PSTI) Bill”.
 
In the UK, there are currently an average of 9 Internet-connected devices in each home, and we predict that by 2030, there will be 50 billion Internet-connected devices worldwide.
 
However, it is said that there is a sense of crisis that only one in five manufacturers has taken appropriate security measures for digital devices.
 
Therefore, the bill first prohibits setting easy-to-guess passwords such as “password” and “admin” on digital devices as initial passwords.
 
The initial password must be unique for each device and must be reset to factory settings.
 
Many of the devices sold so far have the same initial password for all devices and have the user change it later, but this method cannot be used.
 
As for passwords, there is a survey result that not only manufacturers but also users often use passwords that are easy to guess.

There is also an obligation to inform users of security patch and update schedules

The PSTI bill also imposes an obligation on manufacturers to inform users of the availability of security patches and updates for digital devices.
 
In addition, you must inform users if you do not plan to provide updates, and do not provide contact information for security researchers to report any vulnerabilities or glitches to the manufacturer. It also says that it should not be done.

Violations will result in huge fines

Violations of this bill will result in fines of up to £ 10 million or 4% of global market sales.
 
In addition, if the violation continues, you will be fined up to £ 20,000 per day.
 
The bill applies not only to manufacturers, but also to retailers and online shops selling to the United Kingdom.
 
In addition, the target products include not only so-called digital devices, but also game consoles and toys compatible with Internet connection.

 
 
Source: UK Government via Engadget
(Hauser)

Source: iPhone Mania

Share this: