Earlier this month, the State of California made headlines by passing legislation that will require hardware manufacturers to implement unique hardcoded passwords for every connected device they produce and force users to change it upon first use. The bill, which takes effect in January 2020, renewed the debate surrounding our continued reliance on passwords as the primary method for access control and authentication.
Since the introduction of username and password authentication, the threatscape has changed dramatically. Today’s infrastructures are borderless, sensitive data often resides in the cloud, and workers are accessing enterprise resources from anywhere and everywhere. This evolution has made many legacy controls obsolete, particularly passwords, whose effectiveness has been questioned for years.
Leave a reply
