New cyber security laws are being proposed which will protect users from attacks through their smart devices.

The legislation would ensure manufacturers say when devices will stop getting security updates, ban easy-to-guess default passwords and make it easier to report software bugs.

It follows research from consumer group Which" which found a third of people keep phones for four years but some brands offer security updates for little more than two years.

Dr Ian Levy, technical director at the GCHQ-based National Cyber Security Centre, said: "Consumers are increasingly reliant on connected products at work and at home.

"The Covid-19 pandemic has only accelerated this trend and while manufacturers of these devices are improving security practices gradually, it is not yet good enough."