

Ask HN: Password update/distribution mechanisms for IoT? - dmritard96

Are there any standard approaches for password management in the IoT world? In the web world, the pattern is well defined. Reset your forgotten password, send an email with a temp, login with it, and change password more permanently.

IoT companies have the same challenge PLUS distributing passwords from your webservice down to your device/hub (well, that's one model). So far, googling has shown me that IoT doesn't really have this solved in a standard way but maybe I am not doing a good job with keywords or something.

We have contemplated various approaches but most of them have a viable attack vector. If the window of that vector is skinny enough it might be ok, but it seems like this problem is going to turn into a security or a management nightmare.

Ideas, suggestions, examples?
======
andymurd
Devices should not store passwords (or password hashes), and so should never
need updating.

Instead, a unique TLS client certificate should be issued to the device during
provisioning. If a device gets compromised, revoke its cert without affecting
all the other (uncompromised) devices belonging to the user.

Getting through that provisioning process without confusing or annoying the
user is the hard part.
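
An added example of the model this comment describes (my own code, not andymurd's and not from any project): a hypothetical fleet CA issues each device its own TLS client certificate at provisioning, the hub requires mutual TLS, and revocation is keyed by certificate serial number, so revoking one device's cert leaves the user's other devices untouched. The names (FleetCA, hub.example, device-A/device-B) and the in-memory revocation set are assumptions made for the demo; a real deployment would publish revocation through CRLs, OCSP or a revocation service and keep the CA key in an HSM rather than in process memory.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// FleetCA is a hypothetical provisioning CA (an assumption for this example): it signs
// one certificate per device and keeps a revocation set keyed by serial number.
type FleetCA struct {
	cert    *x509.Certificate
	key     *ecdsa.PrivateKey
	Pool    *x509.CertPool
	revoked map[string]bool // decimal serial numbers that have been revoked
	next    int64           // next serial number to hand out
}

func NewFleetCA() (*FleetCA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "fleet-ca"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(cert)
	return &FleetCA{cert: cert, key: key, Pool: pool, revoked: map[string]bool{}, next: 2}, nil
}

// Issue signs a leaf certificate: ClientAuth for a device (the provisioning step),
// ServerAuth plus a DNS SAN for the hub. Each leaf gets a unique serial number.
func (ca *FleetCA) Issue(name string, eku x509.ExtKeyUsage, sans []string) (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(ca.next), Subject: pkix.Name{CommonName: name}, DNSNames: sans,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{eku},
	}
	ca.next++
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca.cert, &key.PublicKey, ca.key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

// Revoke blocks one device's certificate by serial; every other device keeps working.
func (ca *FleetCA) Revoke(c tls.Certificate) error {
	leaf, err := x509.ParseCertificate(c.Certificate[0])
	if err != nil {
		return err
	}
	ca.revoked[leaf.SerialNumber.String()] = true
	return nil
}

// verifyNotRevoked runs on the hub after Go's normal chain validation has passed.
func (ca *FleetCA) verifyNotRevoked(_ [][]byte, chains [][]*x509.Certificate) error {
	if len(chains) == 0 || len(chains[0]) == 0 {
		return fmt.Errorf("no verified client chain")
	}
	leaf := chains[0][0]
	if ca.revoked[leaf.SerialNumber.String()] {
		return fmt.Errorf("certificate serial %s (%s) is revoked", leaf.SerialNumber, leaf.Subject.CommonName)
	}
	return nil
}

// AuthenticateDevice runs a mutual-TLS handshake over loopback TCP: the hub demands a
// client certificate chaining to the fleet CA, then applies the revocation check.
// It returns the device identity (certificate CN) that the hub accepted.
func AuthenticateDevice(ca *FleetCA, hubHost string, hub, device tls.Certificate) (string, error) {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return "", err
	}
	defer ln.Close()
	type verdict struct {
		id  string
		err error
	}
	hubDone := make(chan verdict, 1)
	go func() {
		conn, err := ln.Accept()
		if err != nil {
			hubDone <- verdict{err: err}
			return
		}
		defer conn.Close()
		srv := tls.Server(conn, &tls.Config{
			Certificates: []tls.Certificate{hub}, ClientCAs: ca.Pool,
			ClientAuth: tls.RequireAndVerifyClientCert, VerifyPeerCertificate: ca.verifyNotRevoked,
			MinVersion: tls.VersionTLS12,
		})
		if err := srv.Handshake(); err != nil {
			hubDone <- verdict{err: err}
			return
		}
		hubDone <- verdict{id: srv.ConnectionState().PeerCertificates[0].Subject.CommonName}
	}()
	conn, err := net.Dial("tcp", ln.Addr().String())
	if err != nil {
		return "", err
	}
	defer conn.Close()
	cli := tls.Client(conn, &tls.Config{
		Certificates: []tls.Certificate{device}, RootCAs: ca.Pool, ServerName: hubHost,
		MinVersion: tls.VersionTLS12,
	})
	cliErr := cli.Handshake() // a TLS 1.3 client finishes before the hub's verdict arrives
	v := <-hubDone            // so the hub's decision is the one that counts
	if v.err != nil {
		return "", v.err
	}
	if cliErr != nil {
		return "", cliErr
	}
	return v.id, nil
}

func main() {
	ca, _ := NewFleetCA()
	hub, _ := ca.Issue("hub.example", x509.ExtKeyUsageServerAuth, []string{"hub.example"})
	devA, _ := ca.Issue("device-A", x509.ExtKeyUsageClientAuth, nil)
	devB, _ := ca.Issue("device-B", x509.ExtKeyUsageClientAuth, nil)
	_ = ca.Revoke(devA) // compromised device: only its serial is blocked
	for _, d := range []tls.Certificate{devA, devB} {
		id, err := AuthenticateDevice(ca, "hub.example", hub, d)
		fmt.Printf("accepted=%q err=%v\n", id, err)
	}
}
```

The point of keying revocation on the serial rather than on a shared secret is visible in the main function: after device-A is revoked, device-B's handshake still succeeds with the same CA and hub, and nothing on device-B had to be rotated. The device never holds a password for the web service at all, only its own private key, which is the property andymurd is describing.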

