Nest Users Will Soon Be Required to Enable Two-Factor Authentication

Google has decided that as of Spring 2020, all Nest users will be required to enable two-factor authentication to ‘greatly reduce the likelihood of an unauthorized person gaining access to your Nest account.’

 •

Google announced in a recent blog post that beginning this Spring, all Nest users will be required to enable two-factor authentication.

The action is being implemented in order to “greatly reduce the likelihood of an unauthorized person gaining access to your Nest account,” according to the blog post.

From Nest to Ring, many smart home companies, as well as technology companies in general, have seen a multitude of hackings and data breaches recently.

Just a few months ago, there was a notable rise in Ring camera hackings. Throughout 2019, bizarre stories of Nest cameras playing vulgar music and announcing bogus missile attacks also came to light.

The majority of these incidents could have been prevented with the utilization of two-factor authentication. Many of these hackings occur because users either recycle passwords or have had their login information stolen during a data breach. Hackers can then take that information and “credential stuff” until they are logged in to a user’s account.

With two-factor authentication, the user logs in with an email and password as usual. There is then a second step in order to verify the true identity of the person logging in. This usually consists of a unique, temporary verification code sent to your phone which must then be entered on the login screen to confirm identity.

It will be interesting to see if there is a decline in Nest camera hackings following the implementation. The lack of two-factor authentication being enabled is usually the first excuse companies give when a product is hacked. Now Nest will need to come up with a new excuse the next time a hacker speaks through a customer’s camera.


This article originally appeared on our sister publication Security Sales & Integration‘s website.