CoP 1: No default passwords

All IoT device passwords shall be unique and not resettable to any universal factory default value.

 

Many IoT devices are being sold with universal default usernames and passwords (such as “admin, admin”) which are expected to be changed by the consumer. This has been the source of many security issues in IoT and the practice needs to be eliminated. Best practice on passwords and other authentication methods should be followed.

 

Primarily applies to: Device Manufacturers

 

 

Download this data (JSON) (CSV) (ODS)

search previous next tag category expand menu location phone mail time cart zoom edit close