Ring makes two-factor sign-in mandatory for its video doorbells, security cameras
The Amazon-owned maker of smart doorbells says it's tightening privacy and security.
Ring on Tuesday said all customers will now be required to use a second layer of verification, also called two-factor authentication, when signing in to accounts. The move comes after a series of incidents last year in which hackers took over Ring cameras in households around the country, and as the Amazon-owned company has faced scrutiny over its security measures.
With the update, customers will receive a one-time code via email or text message that must be entered in addition to a username and password when they log in to a Ring account. This applies to any shared users on an account, Ring said. The change will start rolling out to customers Tuesday.
Amazon bought Ring in 2018 for a reported $1 billion. The maker of smart doorbells and security cameras has helped expand the retail giant's smart homes push, but it's also attracted criticism from cybersecurity experts and privacy advocates. By partnering with police departments across the US to offer free or discounted video doorbells, the company has helped build a surveillance network that blankets communities with cameras.
Ring said Tuesday that it's also making changes to how third-party companies access Ring users' data, including "temporarily pausing the use of most third-party analytics services in the Ring apps and website," and letting people opt out of sharing info with third-party companies that serve up personalized ads.
Despite the announcement, a Gizmodo reporter found that Ring's website was still mining visitors' location data in its source code. The data, however, is being used only to determine if a visitor is coming from California or the EU, which have a different set of privacy laws that require different versions of the website.
Originally published Feb. 18, 8:14 a.m. PT.
Updates, 2:15 p.m.: Adds that Ring's website was still mining visitor data; Feb. 20: Clarifies that the location data that Ring's website tracks is used only to determine if the visitor is from the EU or California, which have different privacy laws that call for different versions of the site.