Yep, and also a simple “unusual log-in detected - if you don’t recognize you should immediately change your password and call us” email or text should be a bare minimum for a company that is a “security” company. The history log should be there as well and it should have a note on how to immediately log everyone off the stream/account (ie the password change).
I think Ring is great, but it’s unfortunate that with its resources that it still chooses to overlook basic measures like the article has stated.
And, I wonder how many know about two-factor authentication. There’s a difference being prompted about it once by the app vs it being strongly recommened and constantly encouraged. Many Ring users are security noobs, they have no idea. The app / website should push regular reminders for two-factor authentication. I have several sites that constantly remind me to set it up.