California has just passed a resolution to ban all traditional passwords such as 12345 or password from 2020. The Information Privacy: Connected Devices Bill (SB-327) which was passed last week says that companies which manufacture internet-connected devices such as routers, webcams, CCTV cameras will be strictly prohibited from using weak passwords on their devices from the said period of time.
In general, companies which manufacture routers and other internet connected devices offer administrative passwords which are easy to remember for the users. Consumers using such gadgets are expected to change the passwords as soon as they activate their device for their use.
But a survey conducted by Ponemon Institute says that most users rarely have the habit of changing the password and so become highly vulnerable to a hacker or malware.
So, the latest bill passed on by the Californian legislation says that from the year 2020 no company manufacturing or supplying internet-connected devices to the populace living in silicon city will be allowed to offer equipment with default passwords.
The SB-327 bill specifies that the manufacturers will have to use complex and unique admin passwords on their devices or have a start-up function that requires the user to create a strong password before the device is used for the very 1st time.
Cybersecurity Insiders has learned that the new law will come into effect from January 1st, 2020 and might also include web services providers like Facebook, Twitter, and Google to allow users to use their services only if they have security credentials like a strong password.
Note- Here the definition of a strong password means a password which has alpha-numeric characters in it along with 1 or 2 special symbols.