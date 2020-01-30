Forgot the password? Your device is bricked.

    Iot device manufacturers must be thrilled by a new UK legislation that requires the use of unique default passwords on all connected devices. And more importantly bans the password reset feature.

    This means if you forget the password and don't have the original documentation with your unique password you can throw out the device because it is basically bricked.

    Let's be honest you don't often need the password for most devices so it is more than likely to get misplaced or forgotten after a few months or years. Chalk another one up for planned obsolescence, this time mandated by the state.

    Source
     
    The flip side to this is that by NOT doing this, you inevitably create massive bot nets around compromised IoT devices.

    The simple solution is to stick / etch the unique password onto the device itself.

    Correct me if I'm wrong, from this I don't think it's saying you can't reset the password, just that you can't reset it to some universal default like 123456.

    In my opinion, this is a MASSIVE step in the right directly.
     
