Submitted via IRC for Bytram
Weak passwords to be banned in California
Default passwords such as "admin" and "password" will be illegal for electronics firms to use in California from 2020.
The state has passed a law that sets higher security standards for net-connected devices made or sold in the region.
It demands that each gadget be given a unique password when it is made.
Before now, easy-to-guess passwords have helped some cyber-attacks spread more quickly and cause more harm.
The Information Privacy: Connected Devices bill demands that electronics manufacturers equip their products with "reasonable" security features.
This can mean a unique password or a start-up procedure that forces users to generate their own code when using the gadget for the first time.
The bill also allows customers who suffer harm when a company ignores the law to sue for damages.
(Score: 0) by Anonymous Coward on Saturday October 06 2018, @04:28PM
Yet for an untrained individual they are innumerable.
If software updates are necessary they should be automatic ... but that will cause havoc in the minds of the "it's mine! I paid for it!" crowd that doesn't want automatic updates. So a very conspicuous "Do you want this device to automatically apply software updates?" question immediately after the required changing of the password.
There are no perfect solutions to this, but a great deal can be improved with just a few small measures. Let's not ignore the 80% - 90% of prevention we can take with these initial small steps.