Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Wyze's devices have long been on our lists of the best home security cameras and best video doorbells, as they deliver a pretty good experience for a very low price. However, one area where they've generally been lacking in comparison to the competitors has been, ironically, security.
As recently as last year, the company suffered a security breach that allowed 13,000 users to see footage from other people's cameras. Three years ago, Bitdefender discovered another breach that proved unfixable for first-generation Wyze Cams.
VerifiedView: Now, when you set up a Wyze camera, VerifiedView will embed your user ID (scrambled, of course) onto the camera itself. From then on, any video, photo, or livestream from that camera will contain your scrambled userID in the metadata. Before you (or anyone) can then access those recordings, VerifiedView will cross-check the userID on the video with that of your account. This should prevent others from seeing your videos, even if there's a failure like the one that occurred last year.
Stronger logins: Wyze implemented OAuth, so you can now use trusted identity providers like Google, Apple, Facebook, or Amazon to log into your account. It also has enabled reCaptcha on Login Endpoints, Mobile Trust Device Security, Device Fingerprint Blocking, and Login Abuse Detection (User/Device/Location/IP).
Behind the scenes, Wyze said it's also instituting a bug bounty program, investing more with AWS security tools (including Lacework, AWS Security Hub, AWS Inspector, AWS GuardDuty, and Amazon Q CLI), and working with NCC Group, Bitdefender, Google MASA, ioXT and ReFirm Labs to conduct penetration testing.
Outlook
As someone who likes Wyze's devices but is leery of their privacy issues, these are all welcome changes indeed. Considering companies like Ring instituted mandatory 2FA five years ago, it's surprising that it's taken Wyze so long to follow suit.
Whenever you're in the market for a security camera or video doorbell, it's important to take a good look at the company that makes the device. Otherwise, you might never know who's watching you.
Editor's note: This story originally included mandatory 2FA as a new feature, but a Wyze representative said this has been a requirement since 2024.
More from Tom's Guide
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
