UPDATED 21:57 EDT / FEBRUARY 12 2020

SECURITY

Google to require Nest users to use two-factor authentication for enhanced security

Google LLC will start requiring users of its Nest smart home devices to use two-factor authentication in a move the company describes as providing more protection for Nest accounts.

The introduction of compulsory 2FA will start to roll out in the spring to customers who have not yet enrolled in the option or migrated to a Google account with additional security.

Google acquired Nest in 2014 and continued to allow users to have separate Nest accounts while also adding support for Google accounts. The net effect is that some users use their Google accounts with their Nest products while others do not.

“An extra layer of defense gives you more control over your home devices in the long run by making sure only trusted people and devices can use them,” Cory Scott, head of security and privacy at Nest said in a blog post Tuesday. Scott added that the best way for Nest users to secure themselves is to migrate to a Google account for their Nest devices but respects that not all users wish to, hence the introduction of 2FA.

Security issues with connected internet devices made headlines in December when it was found that Ring cameras were being hacked for livestream trolling. Although Ring dominated those headlines, the group behind the hacking and trolling specifically referred to “Ring & Nest trolling” at the time, suggesting that Nest cameras were also being accessed.

The method used in the hacking — the term is used loosely since no actual hacking takes place — was credential stuffing. Those behind accessing the cameras used software to gain access using previously compromised email addresses and passwords.

Users of Ring and Nest cameras shouldn’t be reusing passwords, but 2FA for access adds a layer of security that is not easily compromised.

“Too often, users are simply activating devices in their home network or on the road without considering connectivity risks,” Scott Gordon, chief marketing officer of secure access provider Pulse Secure LLC, told SiliconANGLE. “As smart device adoption, from thermostats and light bulbs to garage doors and gates, continues to grow, users must be vigilant to not only change passwords but to take advantage of advanced security settings.”

By introducing 2FA, he said, Google is adding necessary security measures to protect consumers. “As organizations progress to ‘zero trust‘ security at work, they must fortify their security awareness programs, especially since the home office and business travel are the new corporate perimeter.”

Photo: Raysonho/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU