Ask HN: Password update/distribution mechanisms for IoT?

5 points by dmritard96 ↗ HN
Are there any standard approaches for password management in the IoT world? In the web world, the pattern is well defined. Reset your forgotten password, send an email with a temp, login with it, and change password more permanently.

IoT companies have the same challenge PLUS distributing passwords from your webservice down to your device/hub (well, that's one model). So far, googling has shown me that IoT doesn't really have this solved in a standard way but maybe I am not doing a good job with keywords or something.

We have contemplated various approaches but most of them have a viable attack vector. If the window of that vector is skinny enough it might be ok, but it seems like this problem is going to turn into a security or a management nightmare.

Ideas, suggestions, examples?

1 comment

[ 2.8 ms ] story [ 11.5 ms ] thread
Devices should not store passwords (or password hashes), and so should never need updating.

Instead, a unique TLS client certificate should be issued to the device during provisioning. If a device gets compromised, revoke its cert without affecting all the other (uncompromised) devices belonging to the user.

Getting through that provisioning process without confusing or annoying the user is the hard part.