The law is for devices that come out of the box with a weak default. Like buying a wifi hotspot where the default is “admin123” would be bad. The default being random and printed on a label in the device is probably what this is aiming to usher in.
From what I see on the article, it looks like it mostly applies to manufacturer set passwords - though it does look like the devices are now required to prompt the user if they try to set a weak or common password (though I can’t remember the last time I wasn’t prompted)
How they know what password we use in our device ? Do they scan our device without our permission ?
The law is for devices that come out of the box with a weak default. Like buying a wifi hotspot where the default is “admin123” would be bad. The default being random and printed on a label in the device is probably what this is aiming to usher in.
it’s been a very long time since I’ve seen a default that wasn’t random or a unique pass phrase
deleted by creator
Did you really just share an article without actually reading it?
It’s for manufacturer passwords, not ones set by users.
The legislation is to help regulate the manufacturers of IoT devices, not the users themselves.
Probably just default passwords
From what I see on the article, it looks like it mostly applies to manufacturer set passwords - though it does look like the devices are now required to prompt the user if they try to set a weak or common password (though I can’t remember the last time I wasn’t prompted)
No, others do that for them: insecam.org
Nah they scan your brain
🤔
That’s not what this law is about, but yes actually they do!
I’m not even in the UK and my domains get hit by UK authorities that claim to be scanning for vulnerabilities