CISA issues secure by design alert for manufacturers on eliminating default passwords

The Cybersecurity and Infrastructure Security Agency is calling on software manufacturers to stop allowing their customers to use default passwords and to invest in ways to shore up their security, as part of the agency’s work to publish guidance on implementing its secure by design principles in a series of alerts.

“A core tenet of secure by design is that manufacturers create safe and secure default behavior in products provided to customers. The use of widely known default passwords is...