Weekly IoT Worries-Weak Passwords - IoTSecure




Weekly IoT Worries-Weak Passwords

Weekly IoT Worries: Weak & Easily Guessable Passwords

Simply defined as the use of easily brute-forced, publicly available, or unchangeable credentials. This includes backdoors in firmware and client software that grants unauthorized access to in-production systems.

Connected Devices and Internet of Things (IoT) endpoints are particularly flawed when it comes to using weak or guessable passwords. This is primarily due to how these devices are designed to simply work when plugged in.

On top of that, many connected devices have limited processing resources, so hardcoding things like passwords can reduce the need to have writable memory, therefore saving manufacturers money while putting their customers at increased risk.

These weak passwords allow malicious actors to gain unauthorized access and provide them with the perfect platform to launch a plethora of other attacks, such as ransomware, botnets, and other malware or persistent attacks.

The issue of password management on connected devices is further troubled by the general lack of a central ecosystem to maintain and change passwords. Add to the equation that non-IT and non-security employees maintain many organizations’ connected devices in the form of facilities management. To better control the password problems IoT presents on the corporate network. These groups need to work together to test and secure devices before deploying.

Get Blog Updates

Start your IoT Security Journey

Request a demo

Let our product experts show how IoT addresses you critical use cases.

Get a Demo

Request an Assessment

Get a no-obligation, free assessment for your business. identify assets and the risks they bring.

Get an Assessment

Get Blog Updates

 
 
 
 
 
 
 
 
 
 

submit your email to access the case study

    submit your email to access the case study

      submit the information below

        X