Many homeowners eagerly install Ring doorbells to buy themselves an added dose of security. With the Ring, you not only get an alert that someone is at your door, but you're privy to a video feed of that someone streaming to your smartphone. If a package lands on your doorstep, you'll see that it's there. And if that package is subsequently stolen, chances are, the culprit will be captured on film, making otherwise common crimes of opportunity more difficult to pull off.
But recent reports reveal that what was once considered an important home safety feature may be anything but. That's because hackers are managing to gain access to users' Ring apps, at which point they're able to tap into their camera feeds and cause a world of trouble.
How Ring hackers are getting in
The methods hackers are using to access Ring, owned by Amazon (NASDAQ: AMZN), and its suite of products are age-old. Largely, they're accessing user names and passwords and then using that information to log into Ring accounts. A big part of the problem stems from the fact that people tend to employ the same usernames and passwords all over the internet, so once one vendor or site gets hacked, those users are exposed in other areas -- Ring apps included.
What damage can hackers cause Ring users?
The Ring doorbell operates in "always watching" mode, but it only starts recording once it detects movement outside your door. From there, it captures video, whether it's a guest arriving or a package being delivered.
If you engage with your Ring app at the time activity at your door is taking place, you actually get a live video feed. Otherwise, you get a stored capture of that point in time -- a video snippet of who arrived at your door and what transpired while that person was there.
Now, imagine someone hacks your Ring account and gets alerted when someone arrives at your door -- like a delivery person with a package. That hacker could then head over to your home, use his or her access to the app to disable the Ring's camera temporarily, steal your package, and go on his or her merry way.
But that's not all. Someone who hacks your Ring account and is serious about robbing you could pay attention to alerts indicating that you, or any other residents of your home, have left the premises. At that point, that criminal could aim to capitalize on an empty house by breaking in.
Furthermore, Ring's two-way audio feature could be used to prank visitors, or, in some cases, cause more serious trouble. Imagine a friend or family member arrives at your door for a visit. A hacker could easily tell that person to get lost or hurl insults at your guest, using your app to impersonate you. And if you have Ring devices aside from the doorbell, you may be exposed to even more trouble. Recently, there was a case of a hacker accessing a Ring security camera in a child's bedroom and using terrifying, inappropriate language to frighten her.
Avoiding trouble with your Ring devices
The best way to avoid falling victim to a Ring hacker is to enable two-factor authentication. The best way to describe two-factor authentication is something you know, like a password, and something you have access to, like a physical device with an app.
Here's how that works in practice. Instead of just entering a password to access your Ring app, you'd also need to enter a randomly generated code that's sent to your mobile phone. If someone manages to steal your Ring username and password, that person won't be able to access your account without having stolen your phone as well.
That extra step may seem annoying, but think about it this way: Would you rather have to deal with the hassle of entering a few extra numbers, or risk your packages being stolen, your home being burglarized, and your family members being taunted or terrorized? Chances are, you'll agree it's a small price to pay.