While skimming some manuals for GE’s medical devices I saw a line that should make all of us think!
Passwords – Must be at least one character long, no NULL
Equipment responsible for health and safety doesnt enforce any kind of password strength or complexity! I have blogged about default passwords and I am starting to see them in medical equipment too. When will vendors realize that if we can’t get the basics right there is no chance we get anything right?? Every day in the news you hear about company’s getting hacked and a lot of times it is because of weak passwords guessed by hackers. Vendors have to step it up and force people to take security more serious!