Good. You wouldn’t expect your online banking to come with a default password of 123456 so why should your smart speaker/fridge/doorbell…?:
The government has revealed plans to ensure that all consumer smart devices in the UK adhere to a trio of rigorous security requirements.
Drawn up by the Department for Digital, Culture, Media and Sport (DCMS), the plans require that all “consumer internet-connected devices” have a unique password that cannot be reset to any universal factory setting.
The plans also require the manufacturers of Internet of Things (IoT) devices to provide a point of contact to which anyone can report a security vulnerability they discover, and to ensure that security problems are “acted on in a timely manner”.
The third security requirement would require IoT device manufacturers to explicitly state a minimum length of time from the point of sale, be it online or offline, that a device will receive security updates from the vendor.