The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to provide ongoing protection against cyber attacks. The U
K. is the first country in the world to ban default credentials from IoT devices. The law applies to a wide range of smart devices including smart speakers, TVs, baby monitors, smartphones, game consoles, wearable fitness trackers, domestic appliances, and much more. Manufacturers must include security updates and designate contact points for security issues reporting. Failure to comply with the act could result in fines up to £10 million or 4% of qualifying worldwide revenue. ```https://securityaffairs.com/162557/laws-and-regulations/ncsc-uk-law-smart-devices.html