If you use the Ring video doorbell, there’s a new security flaw to worry about
TL;DR version: Your Ring password is basically pointless.
A security flaw on the Ring video doorbell has been discovered. At issue is what happens when you change the password on your Ring system. According to The Information, users don’t need to re-log into the doorbell app when the Ring password has been changed.
If you’ve previously granted access to someone with your Ring doorbell app, he or she can still use the app even if you have changed the password. More troubling: it doesn’t matter how much time has passed, as the app will never ask users to sign in again.
Ring, which was purchased by Amazon earlier this year, promises that a fix is coming. In a message released following The Information’s report, it notes:
Ring values the trust our neighbors place in us and we are committed to the highest level of customer information and data security.
We strongly recommend that customers never share their username or password. Instead, they should add family members and other users to their devices through Ring’s ‘Shared Users’ feature. This way, owners maintain control over who has access to their devices and can immediately remove users. Our team is taking additional steps to further improve the password change experience.
This sounds like a huge problem, no? Hopefully, we’ll see a fix for this security flaw very soon.
For similar news, see: Unpatchable exploit for the Nintendo Switch found by security researchers, Chili’s restaurants are delivering heartburn and malware attacks to customers, and Security analysis: Why should cybersecurity be a concern moving forward?