Internet-connected electronic devices will be banned by law from defaulting to weak passwords such as admin and 123456 in the UK under new laws that require all smart devices to meet minimum security standards. These measures came into force yesterday, according to the Department of Science, Innovation and Technology and as collected by the British newspaper The Guardian. It is the first initiative of this kind on a global scale.
This means that manufacturers of phones, TVs and smart home appliances, among others, will now be legally required to protect internet-connected devices against access by cybercriminals. In addition, in the event that a user wants to use a password considered not robust when creating a new account on one of these devices, the software installed by the manufacturer must prevent it.
According to a study by password management website NordPass, the ten most used passwords in the UK are 123456, password, QWERTY, Liverpool, 123456789, arsenal, 12345678, 12345, abc123 and Chelsea.
In this sense, Rocío Concha, policy and promotion director of the consumer protection organization Which?, said that "the Office of Standards and Product Safety (, for its acronym in English) must provide the industry with a clear guidance and must be ready to take strict action against manufacturers if they break the law”.
Precisely a study of Which? revealed that a British household is exposed to around 12,000 hacking attacks from around the world in a single week, with 2,684 attempts to guess weak passwords on five devices upside down. Also according to another recent study, 99% of UK adults have at least one smart device and households in this country have an average of nine connected devices. In addition, 57% of households have a smart TV; 53%, a voice assistant, and 49%, a smartwatch or a fitness bracelet.
For his part, the British Minister of Science and Technology, Jonathan Berry, stated that, "as everyday life becomes more and more dependent on connected devices, the threats generated by the internet multiply and become even greater. Starting today, consumers will have more peace of mind knowing that smart devices are protected against cybercriminals.”
Authorities hope that with this new legal measure, consumers will gain confidence when buying and using products connected to the network, at a time when attacks on consumers and businesses by hackers are growing at a pace dizzy These measures are part of the British Government's National Cyber Strategy, endowed with 2.6 billion pounds sterling (3.044 million euros).
It should be remembered that in December 2023 a parliamentary report said that Great Britain was vulnerable to a large-scale cyberattack due to the lack of planning and investment to deal with it. Even then, Margaret Beckett, president of the committee that drew up the report, assured that "the United Kingdom has the dubious distinction of being one of the most cyber-attacked nations in the world. For the committee, it is clear that the Government's investment and response to this threat are not equally successful on a global scale, which leaves us exposed to catastrophic costs and destabilizing political interference".
