Are Ring products safe?
Best answer: Yes, as far as we can determine, Ring products are safe when the hardware is secure. However, with any connected devices, users must understand how to take necessary security precautions with login and password info to safeguard valuable data and privacy.
Why Ring's safety is in question: Scandals abound
Are Ring products safe? It's an important and timely question, for sure. Although it makes some of the best security cameras, Ring is not the only player in this space. Heavy hitters in home security also include Nest (Google), Arlo, eufy, and August. Ring, however, was hit particularly hard in the past by a series of controversies and privacy scandals to the extent that none of its competitors have experienced so far.
News about one of the biggest (and scariest) examples involving Ring user data leaks was released in 2019 when ne're-do-wells "hacked" into a customer's camera and audio feeds to spy and generally wreak havoc on their personal lives.
Equally icky (though less public) was a report of Ring contractors and/or employees abusing their positions to access customer data and video feeds. Ring responded to the scandal by firing at least four employees and now limits what existing employees and contractors can access for quality assurance research.
Ring was also under fire for cozying up to law enforcement throughout the country with plans to share video camera feeds to fight crimes like burglary and package theft. While some welcomed the partnership, others were understandably concerned with the level and extent of the access police departments receive with the potential for that access to be abused. Let's also not forget Ring's parent company, Amazon's, role in creating and selling facial recognition technology to government agencies.
Without a doubt, a history of security flaws were discovered in the system, including one area that allowed hackers to access someone's Wi-Fi by pressing a button on the doorbell. Another was found in 2018 that allowed guests to log into the system even after the password was changed.
Be an expert in 5 minutes
Get the latest news from Android Central, your trusted companion in the world of Android
All of this sounds bad, and it is, but those hardware issues were fixed. Since then, Ring regularly updates security flaws as they're found. So if that's true, how can you protect yourself and your personal video/audio data?
Security and social engineering: 2FA FTW
In the above examples, Ring claimed it wasn't directly responsible for the loss of customer information. Instead, it stated that users' emails and passwords were accessed or leaked from other sites, and savvy hackers used this information to break into customers' Ring accounts. These shady attempts were somewhat successful because humans are creatures of habit, and we often reuse passwords for multiple accounts and services. The hackers gambled that the credentials they accessed would work for other services like Ring, and in many cases, they were unfortunately correct.
One of the best ways for users to protect their accounts and data is to choose unique, strong passwords for each and every account, and, whenever possible, to enable two-factor authentication (2FA). Enabling 2FA assures that even if someone can access your login and password information, they can't get to your data without that second authentication measure. We published an article specifically on how to enable two-factor authentication on your Ring account, so be sure to read it before you get started.
It's also good practice to use a password manager such as 1Password, LastPass, or Dashlane to help you generate and store secure passwords, as well as to generate two-factor authentication codes. Regardless of how you create and store your secure passwords, it's a good idea to use a password authenticator app like Google Authenticator, Authy, or 1Password rather than relying on SMS.
Ring came under additional scrutiny because it didn't emphasize (or force) new or existing account holders to follow these basic password protection policies, but it has started to correct course. Now, all new accounts are required to set up two-factor authentication when they first launch the app and connect their Ring device(s). Of course, existing Ring customers can enable two-factor authentication at any time.
Additionally, Ring announced a new Control Center feature at CES 2020. Similar to the Amazon Privacy Hub, the new Ring Control Center allows users to better control a device's security by opting out of the police partnerships mentioned earlier and controlling more privacy settings from the Ring app.
So, where does that leave us? First, we need to remember how important it is to prioritize our digital and physical security. Then, be sure to use strong, unique passwords and store those in a secure place (like a password manager). Use two-factor authentication (and preferably not SMS/text message). Monitor your devices and accounts. And above all, use your head.
Jeramy was the Editor-in-Chief of Android Central. He is proud to help *Keep Austin Weird* and loves hiking in the hill country of central Texas with a breakfast taco in each hand.