California Bans Weak Passwords in Connected Devices

California Bans Weak Passwords in Connected Devices

California has passed a law that sets higher standards for passwords.

Weak passwords on network connected devices have been plaguing the cybersecurity industry for years. As a way to inch forward in the battle of default passwords, California has passed a law that will make it nearly impossible for companies to use weak passwords after 2020. 

The state has passed a law, called the Information Privacy: Connected Devices bill, that sets higher security standards for network-connected devices made or sold in the region. It remains that each gadget has "reasonable" security features. 

This can mean a unique password for each and every device manufactured, or a start-up procedure that forces the user to generate their own password when deploying the device for the first time.

“There’s always more to do with information security, but sometimes targeted legislation addressing a specific problem can be effective," Tim Erlin, VP of product management and strategy at Tripwire, said. “Weak passwords are a problem, but this bill aims to address a more challenging and serious problem with poor default security in vendors’ products. It’s important that vendors see security as their responsibility, even after the customer takes possession of the product.”

Tech companies have until 2020 to change their connected devices to reflect the new law, and there will be consequences if the company does not comply. For instance, a customer can now sue if it is found that the hacked device's manufacture ignored the rules of the bill. 

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

  • ONVIF is Reaching New Heights ONVIF is Reaching New Heights

    In this episode of SecurPod, Ralph C. Jensen and Leo Levit talk about the organization’s addition of GitHub and the milestone of more than 20,000 conformant products, as well as two Release Candidates. We also talk about the challenges ONVIF faced during this COVID-19 year and the biggest challenges they have faced.

Digital Edition

  • Security Today Magazine - May June 2021

    May June 2021

    Featuring:

    • Tapping into Touch-free Digital
    • Deep Learning
    • Working from Home
    • Body-worn Technology
    • A Tragic Turn of Events

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety