Two-Factor Authentication Is Now Mandatory for Ring Users

Following the numerous incidents that plagued Amazon and its smart Ring doorbell, the company has finally decided to implement a necessary security measure — two-factor authentication.

Ring started as the straightforward concept of smart doorbells that people could use to see who’s at the door and to record a video when someone was at their home when they weren’t around. The problems started to arise once Amazon began to give police access to the video feeds, without warrants.

Ring’s case wasn’t helped by the fact that this law enforcement feature was enabled by default. The product itself wasn’t all that secure to begin with, and Bitdefender found a vulnerability that would let attackers discover users’ Wi-Fi passwords

There was even a flurry of weird incidents, with bad actors connecting to strangers’ Ring security cameras, including in children’s rooms. The problem in those cases is that users tend to use the same credentials for multiple services so, when credentials for any service are leaked, attackers simply try stolen user names and passwords until they find something that works. Of course, two-factor authentication would make this attack vector much more difficult to exploit.

From now on, Ring is implementing two-factor authentication for everyone, not just for people who want it, and it should provide an extra layer of security.

“While we already offered two-factor authentication to customers, starting today we’re making a second layer of verification mandatory for all users when they log into their Ring accounts,” explained Ring’s Leila Rouhi. “This added authentication helps prevent unauthorized users from gaining access to your Ring account, even if they have your username and password.”

Even with this new feature, users shouldn’t take security for granted. That means using new and complex passwords, keeping devices and apps up to date, and using the Shared Users for your Ring account instead of offering someone else your credentials.