Millions using 123456 as password, security study finds
Millions of people are using easy-to-guess passwords on sensitive accounts, suggests a study.
Ministers consider proposals aiming to help consumers identify which products are more and which are less secure.
Smart TVs and other internet-connected household devices will be made to carry labels setting out how secure they are, under proposals being put forward by the government.
Ministers want the labels introduced on a voluntary basis at first, but propose that they are eventually made mandatory. The labels would help consumers identify which products are more and which are less secure.
Under the plans, announced by the digital minister Margot James on Wednesday, retailers would only be able to sell products that carried the label, which would indicate to consumers whether the device conforms to the principal three security standards set out by the government in a longer code of practice in February.
The move is designed to tackle the problems posed by insecure connected household devices, such as TVs, thermostats and doorbells and locks, which can be hijacked by malicious actors. There have also been warnings that governments could use them to spy on people in their homes.
The scheme will form part of a wider government consultation into improving general cybersecurity in the UK, with three key requirements in a code of practice for device manufacturers.
The requirements include ensuring passwords on internet of things devices are not resettable to a universal factory setting, and ensuring they provide a public point of contact as part of a policy for disclosing any discovered vulnerabilities.
It also calls for device makers to explicitly state the minimum length of time a device will receive security updates.
Ministers also set out alternative proposals to make the sale of any device that does not conform to the three standards illegal, without the need for a label system.