You have commented 339 times on Rantburg.

Your Name
Your e-mail (optional)
Website (optional)
My Original Nic        Pic-a-Nic        Sorry. Comments have been closed on this article.
Bold Italic Underline Strike Bullet Blockquote Small Big Link Squish Foto Photo
Submit your comments on this article
-Land of the Free
Weak passwords banned in California from 2020
2018-10-08
[BBC] Default passwords such as "admin" and "password" will be illegal for electronics firms to use in Caliphornia, an impregnable bastion of the Democratic Party, from 2020.

The state has passed a law that sets higher security standards for net-connected devices made or sold in the region.

It demands that each gadget be given a unique password when it is made.

Before now, easy-to-guess passwords have helped some cyber-attacks spread more quickly and cause more harm.

The Information Privacy: Connected Devices bill demands that electronics manufacturers equip their products with "reasonable" security features.

This can mean a unique password or a start-up procedure that forces users to generate their own code when using the gadget for the first time.

The bill also allows customers who suffer harm when a company ignores the law to sue for damages.
Posted by:Fred

#13  Oh, you haven't had to deal with the Mypay Account system. If you are going to make it that difficult and tedious, go back to paper, far more user friendly.
Posted by: P2kontheroad   2018-10-08 19:17  

#12  35 years ago we'd get notices every week from Admin to change our passwords to something 10 characters or longer etc. etc. blah blah blah.

Only problem was that damn near every terminal had a sticky note on it with the new password.

be careful what you ask for.......
Posted by: AlanC   2018-10-08 19:07  

#11  With the Linux operating system, the system administrator can control settings that force users to select passwords with a certain minimum length that include upper and lower case letters, numeric and special characters. We used to have security audits all the time and had to confirm that those settings were in place. It doesn't mean that Jerry Brown knows your password.

Having said that, your password won't matter if the chips on the motherboard send it to China.
Posted by: Abu Uluque   2018-10-08 11:38  

#10  Stopping botNets is a lot like vaccination.

I think ISPs should be constantly trying to hack their customers and shutting them off if they don't patch.
Posted by: Bright Pebbles   2018-10-08 10:38  

#9  companies haven't done anything because they don't give a shit.

And why should they? I'm a great believer in individual responsibility. The only reason I don't hate this is that weak passwords that allow hacking effects a lot more people than the idiot that put in the weak password.
Posted by: AlanC   2018-10-08 09:38  

#8  Actually not that bad of an idea. Weak passwords and security protocols have allowed the botnet to sweep up a lot of routers and take them over.

Most people aren't security minded and just leave the weak security in place and companies haven't done anything because they don't give a shit.
Posted by: DarthVader   2018-10-08 09:08  

#7  Will "Gov Moonbeam" pass the sniff test?
Posted by: Speash Phinenter8714   2018-10-08 08:55  

#6  I am starting to believe some companies like Apple force you to change your password every so many months by pretending you are misremembering or mistyping it.
Posted by: rjschwarz   2018-10-08 08:19  

#5  "made or sold in the region"...

THAT should convince more businesses to ĺeave.
Posted by: Ebbavirt Clunk4147   2018-10-08 05:22  

#4  You could send an unsalted hash of the password to the government to see if it was on an unsafe list.
Posted by: Bright Pebbles   2018-10-08 04:46  

#3  Next up! Mandatory password registration with the state government.

For your own protection of course!
Posted by: CrazyFool   2018-10-08 02:29  

#2  NOTICE: All of your passwords will now have to be submitted to and approved by the Chinese California Password Vetting Agency. No exceptions.
Posted by: PBMcL   2018-10-08 00:52  

#1  "WhatAboutBorderSecurity" or "BuïldTheDamnWall" are passwords I recommend.
Posted by: Ebbavirt Clunk4147   2018-10-08 00:14  

00:00