As of January 1, 2020, the California Consumer Privacy Act SB-327 requires all cellular and internet connected devices shipped after that date to have unique default passwords for each device. This requirement increases security and reduces the likelihood of intrusion and malicious attack.
Many Digi products already comply and have unique passwords per device. However, Digi is updating all remaining products to come into compliance.
What we’re doing
Several product lines will be updated, before the end of 2019, with the following changes:
- Firmware will be updated to include a unique password per device, which will be assigned at the time of manufacturing. The unique password will be required for: \
- Adding the device to your Digi Remote Manager® (DRM) device inventory
- Configuring your device using a web interface or
- Configuring your device using the command line interface (CLI)
- Each device’s label will be updated with:
- Unique default password
- QR code for adding the device to your Digi Remote Manager® (DRM) device inventory with the DRM mobile app.
- An additional label sticker will be shipped loose in each cardboard carton. We recommend you keep this label for your records, in case the device is ever returned to factory defaults.
- Documentation, such as Quick Start and User Guides, will be updated.
What you need to do
Digi recommends you:
- Keep record of your devices’ unique default passwords by retaining the loose label stickers with your hardware records.
- Utilize the DRM mobile app for adding devices to your DRM inventory. It’s as easy as scanning the QR code on the box, device, or loose label sticker.
- Share these instructions with anyone who will be unboxing and installing Digi devices with unique default passwords.
For more details
Digi will publish further updates and details, including a list of product lines that are affected. Product Change Notices will be issued when each product line is changed. As always, you may contact your sales representative for more details.
Oct 18, 2019