Following several recent reports of hackers gaining access to people's internet-connected Ring doorbell and security cameras, Amazon yesterday announced to make two-factor authentication security feature mandatory for all Ring users.
Until now, enabling the two-factor authentication in Ring devices was optional, which definitely would have prevented most Ring hacks, but of course, many never bothered to enable it.
That means, from now onwards, at the time of login after entering the account's username and password, every user needs to input a secret six-digit authentication code sent to them via their phone or email.
Two-factor authentication is an effective defense because it acts as a deterrent, preventing unauthorized users from gaining access to your account even when they have your username and password.
"The same goes for any Shared Users that you have on your account. You can choose to receive this one-time passcode via the email address you have listed on your Ring account or on your phone as a text message (SMS)," Ring said in a blog post.
Well, better late than never. Ring's announcement comes a week after Google announced it will require two-factor authentication for all Nest accounts that aren't connected to a Google account.
The company recently also added a login notification feature for Ring accounts that aims to alert users anytime someone successfully logs into their account from a new device or browser.
However, there's still no indication that alerts or prevents users from using passwords that are known to be exposed to previous data breaches; thus, it is important to make sure you're using a password that is hard to guess and is unique to your Ring account.
Besides all these security enhancements, the Amazon-owned service has also paused the use of most third-party analytics services and offers a new opt-out option aiming to let users stop Ring from sharing their data with third parties.
Discover the Hidden Dangers of Third-Party SaaS Apps
Are you aware of the risks associated with third-party app access to your company's SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.RESERVE YOUR SEAT
"You can now opt-out of sharing your information with third-party service providers for the purpose of receiving personalized ads. If you opt-out, Ring will not share the information required to serve you personalized ads, though you may still see non-personalized Ring ads from time to time," the company said.
To opt-out of third-party data sharing, go to the Menu of Ring app > click 'Control Center' > open 'Privacy information and control' > then 'Third-party service providers' > then 'Personalized advertising,' and then toggle the switch to disable.
The company says the changes will be rolling out starting today, and that all Ring users should have access to them in the coming week.