Ring Now Forces 2FA Logins

Ring Now Forces 2FA Logins

Amazon is reportedly enforcing mandatory 2FA on Ring account logins. Although 2FA (two-factor authentication) is already optional for Ring accounts, it will now be mandatory. This means that users now need to enter the code when they login to their ring account and this approach is no longer optional. Amazon sends the code directly through either the user’s email or SMS inbox. Users can choose the most convenient option. The code will work for primary and secondary sharing users.

In addition to using 2FA logins, Amazon’s Ring department made some other changes immediately. With some latest technologies, Ring’s doorbell was recently discovered to leak data to Facebook and other companies without the user’s consent or knowledge. What’s more, the information was even obtained from Ring users who do not have a Facebook account. Now Ring is working on providing users with new tools that will help manage third-party service providers.

Amazon did not specify which third parties to cut off though, the third-party activity is paused until the company figures out the way to offer more options to opt-out of sharing with users. Google Nest has also promised to apply mandatory 2FA, but the schedule is unclear. Nest plans to implement its own similar requirements as early as this spring. However, Ring surpassed its competitor Nest and decided to enable the 2FA logins immediately. Before Nest announced its plan on enabling mandatory 2FA logins in this Spring, Ring did not indicate that it would change its policy to enforce 2FA.

Even though there are still other ways that hackers can use to launch cyberattacks on these IoT devices, it is definitely more secure as an extra layer is added to protect user accounts due to this change. Not only Amazon, but also other IoT device manufacturers should improve IoT security and protect user data by enabling some mandatory authentication measures.

 

 

Contact LIFARS Immediately for

Your Cybersecurity Mitigation Plans

 

 


Credits:

https://www.scmagazine.com/home/security-news/privacy-compliance/ring-mandating-2fa-logins-ceases-some-third-party-activity/

https://threatpost.com/ring-mandates-2fa-hacks/152971/