SoylentNews is people
SoylentNews
from the this-password-contains-patterns-known-to-the-State-of-California-to-cause-cracking-and-data-breaches dept.
Submitted via IRC for Bytram
Weak passwords to be banned in California
Default passwords such as "admin" and "password" will be illegal for electronics firms to use in California from 2020.
The state has passed a law that sets higher security standards for net-connected devices made or sold in the region.
It demands that each gadget be given a unique password when it is made.
Before now, easy-to-guess passwords have helped some cyber-attacks spread more quickly and cause more harm.
The Information Privacy: Connected Devices bill demands that electronics manufacturers equip their products with "reasonable" security features.
This can mean a unique password or a start-up procedure that forces users to generate their own code when using the gadget for the first time.
The bill also allows customers who suffer harm when a company ignores the law to sue for damages.
(Score: 2) by Hyperturtle on Sunday October 07 2018, @03:38PM
There's nothing wrong with keeping a paper notepad or notebook with complex passwords and lists of accounts and so on.
It worked for me and others for years and years when calling BBS's. It made it very easy to have a different password for every board -- some SysOps were not above logging in a users to use their file points elsewhere and download stuff, or just be jerks. Today's issues are different, but there are still a lot of jerks that would cause harm with your passwords if they were easily obtained or the same or both.
People that complain that it's not safe to write your passwords down usually are either not recognizing that most people have better things to do than memorize an extensive list of passwords, or the person complaining is hawking some password gatekeeper program that either costs money, shares info, is insecure itself, or has one password to open it up that can be hacked just the same as anything else, and cloud. There are a lot of elitest know-it-alls in IT (hey no comments).
If my computer crashes--my pad of paper won't. Microsoft also won't wipe the contents of my local notepad during an upgrade, too. And if I really was worried, I can type the stuff in and save it onto a diskette or USB stick--diskettes tend to last longer since they don't need power now and then to prevent 'bit rot'; disks can last longer than the computer that wrote to them by many generations of computers... but really, paper only has problems when wet or left in bright lighting for a long time. I have lists of things that aren't valid anymore, but like to look at now and then to jog memories of sites or boards where there are no screenshots or internet archive to review. If I actually memorized all of those passwords, I'd have likely mentally erased a lot of that to clear up space for new problems in my head.
Back to paper... If you have little kids or snooping people around that want to see your stuff, then that's another issue, but ultimately it is a matter of how much inconvenience people are willing to put up with for security. Sometimes a lockable desk drawer or a privacy lock on the notepad (like a teenage girl's diary--they sell adult versions, too) are all that it takes to keep honest people honest. You also don't have to put all of the keys to the kingdom in one place, especially the important yet infrequently used ones.
If someone bust into your house and took your stuff, you have worse problems than what the account and password is for some forum you post to now and then might be.