This was published 12/17/19 and is really concerning. They make it clear that Ring has no way for you to know that you've been hacked, that someone else is on your camera stream, no notice of unusual activity, etc.
I really hope Ring addresses the security concerns here:
Ring is not offering basic security precautions, such as double-checking whether someone logging in from an unknown IP address is the legitimate user, or providing a way to see how many users are currently logged in—entirely common security measures across a wealth of online services.
"They are worth billions so where is the investment in security," Daniel Cuthbert, who is on the committee for annual cybersecurity conference Black Hat, and who is also a Ring owner, told Motherboard.
The one thing Ring could offer that I would find helpful is a login history showing who and where. That would be nice, just to make me feel good.
But using a unique and strong password, and using two-factor authentication . . . you are about as secure as you can get. The problem is . . . most people do not do those simple things.
Yep, and also a simple "unusual log-in detected - if you don't recognize you should immediately change your password and call us" email or text should be a bare minimum for a company that is a "security" company. The history log should be there as well and it should have a note on how to immediately log everyone off the stream/account (ie the password change).
I think Ring is great, but it's unfortunate that with its resources that it still chooses to overlook basic measures like the article has stated.
And, I wonder how many know about two-factor authentication. There's a difference being prompted about it once by the app vs it being strongly recommened and constantly encouraged. Many Ring users are security noobs, they have no idea. The app / website should push regular reminders for two-factor authentication. I have several sites that constantly remind me to set it up.
Hi neighbors, I can assure you customer trust is most important to us and we appreciate this feedback. It has been shared with the team. Thank you!