Authentication App

Offer authentication app instead of Two-factor authentication (2FA) via SMS?

55 Likes

I agree with 2FA app … Duo, Google authenticator, etc.

Also need to add trust this device option for 30 days. Pain to go into the web page several times a day (and this forum) and have to authenticate every single time even if 2 minutes apart.

It’s great that Ring offers two-step verification for logging in to accounts but the fact that it is required for subsequent logon to devices previously authorized (as shown in the “Authorized Client Devices” list) is counterintuitive and frustrating. What’s the point of having an authorized client devices list if not to allow easier subsequent logon with just a username and password?

6 Likes

Please add a “remember this browser” option at the login screen to bypass 2FA after a successful login.

I like the idea of two-factor authentication, since it requires more than just my Ring password. While I typically check on my Ring stuff via the Android app, there are times where it is easier to check it via web browser on my computer. I believe there is a Windows Store app for Ring, but I do not want to install that at this point.

What I would like is just an option to tell ring.com to remember my browser and not prompt for the emailed security code again. This option is available for almost every other 2FA/MFA site I use, including banking sites. Some require re-authentication every 6 months, or if I have not logged into the site for a long time.

5 Likes

Agree, I don’t trust sms method

The 2Fa is the MOST annoying part of this!!!

Then they argue it’s NOT 2FA. Whatever the **** you want to call it, let us opt out.

After I’ve logged in I get one, then I get one logging into to a separate (not single sign in) forums. Holy **** this software is for the SH1TS!!!

I would switch over to N3st but they’re going that way too it seems.

ANd nbow you IDIOTS want a label to post when none apply?

4 Likes

Please eliminate two factor verification EVERY TIME you log into the Ring Community website. This is really security overkill! And discourages me from using this forum.

8 Likes

for the love of god turn this off. or allow the user to turn it off. this makes the device UNUSABLE. it’s every single… freaking time. it’s not once every few months and it logs you out very soon after signing in. and sometimes it sends you invalid codes. Ring is something immediate. I need it to stay logged in for MONTHS. not make me go thru some nightmare of doing a 2 step log in clogging my email wiht dumb emails I do not want. I need to be able to immediately look at my device when someone rings the doorbell. not hmm let me sign in again… oh now I have to sign into email… now it’s given me my code. what wrong code??? you cannot access your doorbell. Oh no I’ve answered my door and it’s bad guys and they’ve just robbed me. THANKS RING. this is the worst outfacing customer service decision I can see you guys making. FIX IT ffs.

6 Likes

Even more basic is to fix the two factor authentication login process that is implemented in a strange manner. Once login is achieved with uid and passwd then the second factor comes into play where the user must add in the server-side factor. Requiring the password again is useless (in a security sense) and forces unnecessary procedures on the user for no security gain.

I made an account here just for this. I strongly agree with the poster and commenters. I can’t overstate how much this would improve the usability of the Ring web page.

Gogle Authenticator, or similar applications that implement TOTP/HOTP, are pretty widely used these days. I have no idea why Ring users are limited to SMS. I’d even prefer email. Amazon accounts support MFA through an authenticator. This can obviously be extended to Ring, so why not do it?

MFA via SMS is better than no MFA at all, but is widely regarded as less secure than a token (like an authenticator app).

It’s like Amazon/Ring have taken the clunkiest approach possible to forcing MFA on users.

PLEASE PLEASE fix this. Two part authentication EVERY TIME I log into my Ring account seems extreme. I understand why this is necessary when I first sign in from a new device or browser but every single time is just annoying!

Everytime I log in from my Safari browser on my iPad, I’m forced to enter a verification code and then I receive an email stating “Your Ring account was signed into on a new device or browser.” The same device and browser that I have used dozens of times before!

1 Like

I have a 2FA from Google. If we must use 2FA, how about a real one instead of emails or texts. Mine stays in my desktop and press the button once a month for G-Apps. I’d welcome that for your portal. Just once a month with a real hardware key. Let’s speed this sign-in process up.

Yes, please stop making me use these codes to log into the web site, and then again to get into the forum. I’m getting a long list of emails with codes just from today because the web site logs me out automatically and then makes me put a new code in every time I log in.

Yes, please stop making me use these codes to log into the web site, and then again to get into the forum. I’m getting a long list of emails with codes just from today because the web site logs me out automatically and then makes me put a new code in every time I log in.

Yes, please stop making me use these codes to log into the web site, and then again to get into the forum. I’m getting a long list of emails with codes just from today because the web site logs me out automatically and then makes me put a new code in every time I log in.

When I login to Ring on my computer, it always requires me to enter a 2FA code from email - it doesn’t remember my computer. To make it worse, if I first log into Ring.com, and then from the Ring website click the link for community.ring.com, I have to enter a new 2FA code.

Requests:

  • Remember my computer. Most websites that require a login do this.

  • Don’t log me out automatically. Or at least give the option not to. We are the only ones with access to this computer. My phone doesn’t log me out, and there is a much higher chance that a stranger will get access to that.

  • Don’t require 2FA for these community boards. Fix your software so that access to the board doesn’t allow access to the Ring account without 2FA.

  • Give an option to send 2FA through a text, not email.

4 Likes

The current two factor login method is horrific. Literally you must have an email sent every single time you want to view anything related to your account. Perhaps an authenticated device and PW combo should be looked into, giving the end user the option to “save device” which would write a unique cookie based on the machine name, and provide 30-45 days of access on that specific machine with just allowing the password to be entered…I mean that is how banks and finanical companies do this. I know Ring had some issues with unauthorized viewing of cams and recorded footage…this could easily be remedied by NOT adding the save device option to the employee system, and still povide the convience to your customers so they would not have to authenticate multiple times a day if they wish to review their footage.

12 Likes

@MHouse44721 wrote:

" . . . Perhaps an authenticated device and PW combo should be looked into, giving the end user the option to “save device” which would write a unique cookie based on the machine name, and provide 30-45 days of access on that specific machine with just allowing the password to be entered…I mean that is how banks and finanical companies do this. "

That sounds like an EXCELLENT idea!

YES YES YES!

I think Ring just hurridly implemented 2FA to get past the bad press a few months ago, but you need to revisit it and do it right.

Why don’t you use text msg instead of email? Like iPhone literally almost doing everything for you at that point.