We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

Google Will Make Two-Factor Authentication Mandatory for Nest Accounts

A Nest security camera on a coffee table surrounded by toys.

If you have Nest devices and never migrated your Nest Account to a Google account, Google will soon force you to enable two-factor authentication. Going forward, unless you migrate to a Google Account, you’ll have to input an email code whenever you log in to your Nest Account from new devices.

Recently, Amazon Ring has been in the news several times due to hijacked security cameras. In each case, the company blamed users for reusing passwords and skipping two-factor authentication. While we think Amazon can and should do more to protect its users, two-factor authentication is an essential facet to securing cameras in your home.

Google agrees, at least in part. The company has announced that starting in the spring, it will require anyone still using an older Nest Account to enable two-factor authentication.

With the feature turned on when you attempt to log in to your Nest Account from a new device, Google will send a one-use verification code to your associated email address. You’ll enter that to complete the login process. After that, you shouldn’t need a code again when signing in from that device.

If you don’t want two-factor authentication, there’s one workaround to avoid the requirement—migrate to a Google Account. The company says that Google Accounts are more secure than Nest Accounts and it won’t require additional verification for anyone who migrated. That extra security is part of Google’s reasoning for ending the Works with Nest program.

Requiring two-factor authentication is just one of the suggestions we made to Amazon to better secure its Ring’s users. We’re happy to see that Google is also implementing other recommendations we made. For instance, the company is now checking Nest Account passwords against known database breaches and notifying users if it detects a username and password match.

Google also checks for suspicious activity, like a significant shift in location based on IP addresses. And the company implemented reCAPTCHA Enterprise for Nest Accounts to prevent automated mass login attempts.

Overall, the new changes may be annoying, but you can avoid some of it by migrating to a Google Account. But even if you do, we still recommend turning on two-factor authentication. If you have security cameras in your home, taking every step possible to prevent strangers from accessing them just makes sense.

via Google

Josh Hendrickson Josh Hendrickson
Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code. Read Full Bio »