The State of California has passed new legislation that will require hardware makers to provide a unique password for each and every device made or sold in the state. The “Information Privacy: Connected Devices” bill was approved by the legislature and will become law on January 1, 2020. It prevents devices from shipping with default passwords, such as 0000 or 123456, which are considered weak and hackable. Device makers will need to install a unique password for every device at the time of manufacture, or require owners to create their own unique password upon first booting or interacting with the device. This law applies to connected devices, or those that are “capable of connecting to the internet, directly or indirectly, and that [are] assigned an Internet Protocol address or Bluetooth address.” The goal is to prevent hackers from accessing certain types of connected gear via common passwords that can be guessed easily.
Write a comment