Tech that comes with weak passwords such as “admin” or “12345” will be banned in the UK under new laws dictating that all smart devices must meet minimum security standards.
Measures to protect consumers from hacking and cyber-attacks come into effect on Monday, the Department for Science, Innovation and Technology said.
It means manufacturers of phones, TVs and smart doorbells, among others, are now legally required to protect internet-connected devices against access by cybercriminals, with users prompted to change any common passwords.
Brands have to publish contact details so that bugs and issues can be reported, and must be transparent about timings of security updates.
It is hoped the new measures will help give customers confidence in buying and using products at a time when consumers and businesses have come under attack from hackers at a soaring rate.
The only password I use is password because everyone is told not to use it so no one would try it, right?
“password” is the third password someone would try.
https://github.com/ctkqiang/JohnTheRipper/blob/8bcc165d327a5af5b88eafc81d07fb8d92475e55/run/password.lst#L16
https://www.openwall.com/john/doc/
That list is fascinating. abc123 is near the top, then like 10 more below that is a1b2c3, and then much further down is 123abc. What?
I guess people believe passwords that are awkward to type are somehow safer.
Some systems require your to change your password periodically. What do you change to if your existing password was ‘abc123’?
That’s genius. I’ll just assume your PIN is 1234 and let you go on your way, nothing bad will happen.
My pin is obviously 6969 because it’s fucking hilarious.