UK says NO to ransom passwords such as admin, 123456 and qwerty


The United Kingdom has recently passed a groundbreaking data security bill, marking a significant milestone globally. This legislation takes a firm stance on enhancing cybersecurity by prohibiting the use of common and easily guessable passwords, a move aimed at fortifying digital defenses against potential breaches.

Effective immediately, all online entities, including services, organizations, and individuals, are prohibited from employing easily predictable passwords like “12345,” “qwerty,” and “admin.” Should such passwords be attempted during account creation, users will be prompted to select a different, more secure option, as mandated by the British government.

Easily guessable passwords pose a considerable threat: they are a prime target for hackers who use automated tools to exploit weak security measures. To counter this vulnerability, the UK government has compiled a comprehensive list of banned passwords, signaling its commitment to bolstering cybersecurity measures.

Hence, manufacturers of smart devices should either give users the option to change the password on first boot-up or use a secure 12-15 character password to protect consumers from password-based attacks.

Scheduled for enforcement starting April 29, 2024, this legislation positions Britain at the forefront of global cybersecurity initiatives. Notably, manufacturers of smart connected devices, encompassing smartphones, smart doorbells, connected TVs, and other technologically advanced gadgets, will be obligated to enforce stringent password policies, thereby enhancing overall digital resilience.

Among the prohibited passwords are commonly used phrases such as “123456,” “passwords,” “qwerty,” “123456789,” as well as football-related terms like “arsenal,” “Liverpool,” “Chelsea,” and notable names like “David Beckham.”

In light of these developments, individuals are encouraged to adopt robust password practices to mitigate security risks effectively. This includes opting for passwords of at least 15-18 characters in length, ensuring complexity and uniqueness to deter potential breaches. Utilizing password management tools can streamline this process and enhance overall security posture.

Moreover, implementing multi-factor authentication (MFA) offers an additional layer of protection, further safeguarding accounts against unauthorized access. Vigilance is paramount, and users are advised to exercise caution when encountering suspicious links or websites prompting the input of credentials. Verifying the authenticity of such requests can prevent falling victim to phishing attacks and data breaches.

In essence, the enactment of this data security legislation underscores the UK’s proactive approach to combating cyber threats, setting a precedent for global cybersecurity standards. By fostering a culture of heightened awareness and robust security practices, individuals and organizations alike can navigate the digital landscape with greater confidence and resilience.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security.
