UK lays down fresh legislation banning crummy default device passwords

The UK’s Product Security and Telecommunications Infrastructure (PSTI) Act introduces crucial regulations to enhance the security of connected devices. Key points of the Act include:

  • Ban on weak default passwords: Devices with simple, easily accessible passwords like “12345” are no longer permissible.
  • Mandatory contact point for security issues: Manufacturers must provide channels to report vulnerabilities.
  • Clear updates policy: Vendors must clarify the duration for which devices will receive security updates.

This legislation is a first step, but experts like Professor Alan Woodward stress the need for broader security measures.

Read the full article.