Nest Adds Two-Step Authentication to Increase Security for Nest Cams and Thermostats

by

Smart home accessory company Nest today announced the addition of two-step authentication into its mobile apps for iOS and Android devices, which will act as an extra layer of security that prevents intrusions into a user's Nest account. The company said that these extra security measures can help prevent malicious access to private information, particularly camera feeds of Nest Cam products.

To activate two-step authentication, users can find a toggle menu in the Account Security settings of the official Nest app. After "2-step verification" is toggled on, users will have to sign in again by typing in a traditional email and password. Two-step authentication makes the process more secure by then texting a verification code to an approved device, which Nest owners will then have to enter into the app to gain access to their Nest products.

We all know data security is a moving target. Technology keeps advancing, but so do the people who want to break into your email, your credit card or any other account they can get their hands on. But your home is your safe haven, where private information should stay private. So today we’re adding a new layer of security with the introduction of two-factor authentication.

You may have seen or used two-factor authentication before, probably to get into your email or bank account. It’s simple but very effective – even if someone figures out your password, they still need to actually get their hands on your phone to get into your account. It takes a minute or two for our customers, but for hackers working from computers all over the world, things get a whole lot harder.

Nest said that this isn't the first time it has updated security across all of its products, and the company intends to continue rolling out security and privacy-focused tweaks to Nest Thermostats, Nest Protect smoke alarms, and Nest Cameras "as new technologies become available or we learn about new threats."

Tag: Nest

Top Rated Comments

(View all)
Avatar
45 months ago
Guys, this is not 2 factor authentication. This is two step authentication. There is a difference!

Two factor identification makes sure it is gathering two of the following:
- something you have
- something you know
- something you are
- some people also now include "somewhere you are" as an additional factor now, but this is still new

two-step is not two factor... Apple for instance had two step auth before (and still does), but then it added true two-factor auth when codes were no longer sent via text message but rather sent directly to an approved device. That allowed for two-factor to be complete (something you know - a password - and something you have - a device).

Nest's release really makes a jumble out of this by calling it both "two step" and "two factor" in simultaneously in their release. It sounds like the engineering guys are calling it "two step" correctly, but then the marketing guys got ahold of it and didn't know what they were talking about and called it two factor.
Score: 11 Votes (Like | Disagree)
Avatar
45 months ago

With the method you linked to (which, I understand, is just one method) -- that's assuming I registered a standard cell number to receive the two-step verification SMS messages. I've got a VoIP line that accepts SMS and several Google Voice numbers that all obviously accept SMS. If someone wanted to find out which number I used badly enough, I'm sure they could; but most people wouldn't bother.

Using services that can forward SMS to other devices (e.g. via email) are far less secure than using a real mobile phone number (which is why e.g. banks often don't allow Google Voice numbers or similar for delivery of TANs). They also make it decidedly "not two-factor", since the bad guys can intercept the codes if they know your email credentials (e.g. from phishing or otherwise hacking your account).

SIMs with modern encryption specifications are actually not easy to clone (unfortunately some carriers still use SIMs with less secure old encryption methods though). The bigger risk is that hackers have sometimes been able to convince phone companies to activate a phone number on a new SIM via social engineering, or capture the SMSs via malware that is running right on the phone (particularly common on Android).
Score: 2 Votes (Like | Disagree)
Avatar
45 months ago
No HomeKit? No way!
Score: 2 Votes (Like | Disagree)
Avatar
45 months ago
Meh. I trust HomeKit more.
Score: 2 Votes (Like | Disagree)
Avatar
45 months ago

No HomeKit? No way!

Why would they? Nest is a competitor to HomeKit.
Score: 1 Votes (Like | Disagree)
Avatar
45 months ago
Great. Now you just have to trust Google to have access to your camera!
Score: 1 Votes (Like | Disagree)

Top Stories

Apple Takes Legal Action Against Small Company With Pear Logo

Saturday August 8, 2020 11:09 am PDT by
Apple is taking legal action against the developers of the app "Prepear" due to its logo, according to iPhone in Canada. Prepear is an app that helps users discover recipes, plan meals, make lists, and arrange grocery deliveries. The app is a spinoff of "Super Healthy Kids," and the founders claim that they are facing litigation from Apple. Apple reportedly takes issue with Prepear's logo, ...

Kuo: Global iPhone Shipments Could Decline Up to 30% If Apple Forced to Remove WeChat From App Store [Updated x2]

Sunday August 9, 2020 10:17 pm PDT by
In a worst-case scenario, Apple's annual global iPhone shipments could decline by 25–30% if it is forced to remove WeChat from its App Stores around the world, according to a new research note from analyst Ming-Chi Kuo viewed by MacRumors. The removal could occur due to a recent executive order aiming to ban U.S. transactions with WeChat and its parent company Tencent. Kuo lays out...

Google Maps Debuts New Apple Watch App and CarPlay Features

Monday August 10, 2020 9:16 am PDT by
Google today announced the launch of several features for Google Maps on Apple products, including new CarPlay functionality and a new Google Maps app that works on Apple Watch. The new Google Maps app for Apple Watch works similarly to the iOS app, allowing Apple Watch owners to get directions for a car, bike, public transit, or on foot. The app supports estimated arrival times and...

Foxconn Reportedly Begins Seasonal Hiring Spree for iPhone 12 Production

Monday August 10, 2020 7:03 am PDT by
Apple's largest manufacturing partner Foxconn has begun its seasonal hiring spree to assist with iPhone 12 production, offering employees who recruit qualified applicants up to a 9,000 yuan bonus, according to Chinese media reports. As usual, Foxconn needs as many hands on deck as possible at its factory in Zhengzhou, China to assist with mass production of the upcoming iPhones. Apple is...

Apple May Release 4G-Only iPhone 12 in Early 2021

Tuesday August 11, 2020 5:28 am PDT by
In a research note shared by Business Insider, Wedbush Securities analysts said that Apple may release a cheaper iPhone 12 in early 2021 with no 5G connectivity. Wedbush initially believed Apple would launch a mix of 4G and 5G iPhone 12 models this fall. Following re-examination of Asian supply chains, analysts Daniel Ives, Strecker Backe, and Ahmad Khalil revised the predictions,...

2020 iMac Teardown Reveals Internal Changes and Similarities

Saturday August 8, 2020 12:44 pm PDT by
A teardown video, shared by OWC, reveals the internal changes in the new 2020 27-inch iMac. The 2020 27-inch iMac was announced earlier this week with 10th-generation Intel Core processors, AMD Radeon Pro 5000 series graphics, up to 128GB of RAM, up to 8TB of storage, a 1080p front-facing FaceTime camera, a True Tone display with a nano-texture glass option, higher fidelity speakers, and...

Apple Believes This German Cycling Path Logo Infringes on Its Own Logo

Wednesday May 1, 2019 9:51 am PDT by
Apple recently objected to the logo of a new German cycling path in an appeal filed with the German Patent and Trademark Office, according to German outlets General-Anzeiger Bonn and Westdeutscher Rundfunk. Apple reportedly takes issue with the logo's green leaf and supposed "bitten" right side, attributes the company believes are too similar to its own logo. The logo, registered with the ...

Apple Seeds First Public Beta of watchOS 7 to Public Beta Testers

Monday August 10, 2020 10:33 am PDT by
Apple today seeded the first public beta of an upcoming watchOS 7 update to public beta testers, one week after seeding the fourth beta to developers and a month and a half after the Worldwide Developers Conference. The update can be downloaded after installing the proper profile from Apple's Public Beta website. watchOS 7 should not be installed on a primary device as it is still an early...

Apple Watch Likely to Adopt MicroLED Display Technology in 3-4 Years

Monday August 10, 2020 2:55 am PDT by
This year's Apple Watch Series 6 is expected to feature an OLED screen like previous models, but a future model is likely to be the first Apple product to adopt MicroLED display technology, albeit not for another three to four years. That's the main takeaway reading between the lines of comments made by the chairman of Epistar, Taiwan's top LED producer, which is reportedly working on a...

Apple Seeds iOS 14 and iPadOS 14 Public Beta 4 to Testers

Thursday August 6, 2020 10:05 am PDT by
Apple today seeded new public betas of upcoming iOS 14 and iPadOS 14 updates to its public beta testing group. Today's software releases, which Apple labels as fourth betas to keep them in line with developer betas, are actually the third betas that Apple has provided and they come two weeks after the prior beta releases. Public beta testers who have signed up for Apple's beta testing...