You are downloading code compiled by someone else. In order to make this to work, you either need to add the username/password to the config.json (or use some ui to do it for you).
For 2 factor, you need to run another utility to generate the refresh token (ie a one time password that can be used by anyone) and this is added in plain text to the config.json file.
This is posted in the ring 2FA module:
"Note: Your refreshToken is just as valuable as an email/password so treat it with the same care you would a password. It can also be used for accounts that do not have 2fa enabled if you don't want your email/password in plain text in a config file."
Bottom line, someone gets into your computer or compiled the code with a backdoor, you are giving the keys out...
All true statements and I agree with you, and I have thought long and hard about what I'm doing. I have taken care to protect it as well as limit what can be sent out. And for obvious reasons I won't list them.
I wish Ring would provide this capability, but I've been told that they expect us to use Alexa's Routines for Home automation. So while Alexa routines do provide some of the functionality they don't provide complex if conditions, etc.
So it comes down to me deciding whether I want to run with the basic Ring setup or start to use other complimentary tools WHILE ensuring that I am keeping my system safe and sheltered from someone looking to cause mischief.
Home Assistant is more secure as it keeps everything on your local devices, but it has limited options to integrate with various other home systems.
Honestly, Ring is garbage! We have been promised for years HomKit integration and still nothing. They do not care about the Apple ecosystem or their users and the app sucks! It takes forever to load once you get a notification and by the time it does load, the subject is gone. This is why I have not purchased another Ring product. Until they get their act together and play nice with Apple, it may be my last! And then the doorbell I have my get used for target practice!
I recently installed the eero system which is an Amazon company and noticed support is available for HomeKit. Hopefully, Amazon will enable Ring for HomeKit too.
Overall, like many---I am tired of waiting for companies to integrate with HomeKit, so I have been slowly replacing my home automation devices. There appears to be HomeKit enabled doorbells in the pipeline.
I too remember when apple and ring announced HomeKit compatibility and HomeKit support was soon to follow. But ring hasn't continued to develop for the apple ecosystem or supporting the Apple customers with additional features. There's no app for Apple TV which could be a great selling point for Ring, just like the Apple Watch that is ignored and HomeKit is another missed opportunity we were told was coming.... I think it is clear Amazon wants apple users to buy Amazon smart Assistants and has no interest in developing anything for the apple ecosystem.
It is my GUESS that before Ring supports Homekit (if they ever do so), that Logitch will offer the needed mounting hardware to allow thier ClearView camera (that already has HomeKit support with ASV) to be used as a doorbell. Such a mount could provide a flush mount (as oposed to thier tilting one), prevent the privacy button from being pressed, and maybe even support battery power. Logitech offered a variety of mounting options (including battery power) with their prevoius camera so they know how to do all that. So I'm betting they beat Ring to the HomeKit Doorbell finish line.