HomeTechNew UK Law Targets Weak Default Passwords Like ‘admin, ‘12345’ in Tech...

New UK Law Targets Weak Default Passwords Like ‘admin, ‘12345’ in Tech Devices


Related stories


The UK has introduced a groundbreaking law requiring all smart devices to have strong default passwords, a move aimed at bolstering cybersecurity. This new regulation mandates manufacturers to prompt users to set up their passwords and clarify how long devices will be supported, ensuring better protection against hacking and data breaches.

UK Implements New Cybersecurity Law to Eliminate Weak Default Passwords on Smart Devices

Key Highlights

  • UK law now bans simple default passwords to prevent unauthorized access to smart devices.
  • Manufacturers must ensure devices prompt users to change default passwords and provide clear support details.
  • Enhanced device security in the UK aims to protect user data and privacy against cyber threats.

In a bold move to boost cyber security, the UK has introduced a new law that bans the sale of tech devices with default passwords like “admin” or “password” or “12345”. Starting Monday, manufacturers of smartphones, TVs, smart doorbells, and other internet-connected devices are mandated to implement stronger security measures. This initiative aims to protect users from the increasing threats of cyber-attacks.

Why This Matters

Simple passwords, often the default on devices such as modems and routers, are notoriously easy for cybercriminals to guess, making devices easy targets for hacking. The UK’s Department for Science, Innovation and Technology is enforcing this change to ensure that all smart devices sold meet minimum security standards.

Key Changes for Manufacturers Under the new rules:

  • Manufacturers must prompt users to change default passwords during initial setup.
  • They must provide clear contact details for reporting security issues.
  • Transparency about how long devices will receive security updates is required.

Overview of New Security Measures

Requirement Purpose
Change of default passwords Prevent easy access by unauthorized users
Publishing contact details Facilitate reporting of bugs and security vulnerabilities
Transparency in update support Inform consumers about the duration of device support

Consumer advocacy group Which? has expressed strong support for the new law. Rocio Concha, Director of Policy and Advocacy at Which?, commented, “We expect smart device brands to act responsibly towards their customers and provide clear information on device support to facilitate informed purchasing decisions.”

Jonathan Berry, the Science and Technology Minister, emphasized the importance of these regulations: “As everyday life becomes increasingly dependent on connected devices, the threats from the internet multiply. These laws are crucial for ensuring that our personal privacy, data, and finances are protected.”

Global Implications

While the law is specific to the UK, its implications are global. As more countries observe the effectiveness of such regulations, similar measures could be adopted worldwide, enhancing global cyber security standards.

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories