Secure by Design Alert: How Manufacturers Can Protect Customers by Eliminating Default Passwords
CISA created this guidance to urge technology manufacturers to proactively eliminate the risk of default password exploitation by implementing Principles 1 and 3 of the joint guidance, Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software:
- Take ownership of customer security outcomes.
- Build organizational structure and leadership to achieve these goals.
By implementing these two principles in their design, development, and delivery processes, software manufactures will prevent exploitation of static default passwords in their customers’ systems. “How Manufacturers Can Protect Customers by Eliminating Default Passwords” is the second Secure by Design Alert in our new series that focuses on how vendor decisions can reduce harm at a global scale.
To learn more about this series, and how vendor decisions can reduce harm at a global scale, refer to the Secure by Design Alert Series blog.