Skip to main content

Ring (finally) makes two-factor authentication mandatory

(Image credit: Stephen Brashear/Getty Images)

At long last, Amazon's home security camera company Ring has enabled mandatory two-factor authentication, changing the way its users sign in to their accounts. 

The company said in a blog post that starting today (Feb 18) a second layer of verification will be needed to sign into Ring accounts. With every login, users will receive a temporary 6-digit code via email or phone that they must enter to access their accounts and camera feeds.

Although optional two-factor authentication was already available to Ring users, the company said its "taking additional steps to help [users] feel confident that [their] home and personal information are safe when [they] use our products."

This comes after a string of condemning reports regarding Ring's privacy standards late last year. Not only did three of the company's home cameras not meet Mozilla's privacy standards, but a number of users fell victim to system hacks. One bad actor even spied on an 8-year-old girl through a Ring camera in her bedroom.

Before December, Ring didn't notify users when an unknown device or browser logged into their accounts. Now customers are alerted via email anytime someone successfully gains entry to their account.

But the common denominator among all of last year's Ring attacks was not that hackers got into Ring's trove of personal data. It's that they gained accessed to Ring accounts through the front door using the legitimate users' previously compromised, reused passwords.

In a further effort to beef up privacy controls, users will now be able stop sharing personal data with third-party companies for a personalized ad experience. The company says its also pausing data sharing with third-party analytics services until it figures out an opt-out setting.

These changes to Ring accounts will roll out starting today, and all Ring users should have mandatory two-factor authentication enabled by the end of the week.