California Governor Jerry Brown has signed an Internet of Things law covering cybersecurity. California is the first state with a law like this.
Starting on January 1st, 2020, any manufacturer of a device that connects “directly or indirectly” to the internet must equip it with “reasonable” security features, designed to prevent unauthorized access, modification, or information disclosure. If it can be accessed outside a local area network with a password, it needs to either come with a unique password for each device, or force users to set their own password the first time they connect. That means no more generic default credentials for a hacker to guess.
If only it affected all IoT devices, instead of ones created two years into the future.
Check It Out: California Just Passed an Internet of Things Law