As the company previously warned, Google is now rolling out mandatory two-factor authentication for Nest accounts. Given the recent troubles at Nintendo and elsewhere, the move makes sense. If you’re still on a Nest account, you’ll soon see a message to enable the security feature.
The news of the rollout comes via a Google Support page, and as explained there, you can avoid turning two-factor authentication. All you have to do is migrate your Nest account to a Google account, which the company claims is more secure.
Two-factor authentication is becoming the standard across the industry due to the continued practice of reusing passwords. If you use the same password for every account, you’re putting yourself at risk.
Rather than try to breach servers directly, hackers have turned to credential stuffing attacks. All the hacker needs to do is find a previous database breach (like Adobe, LinkedIn, MyFitnessPal, and others) and scrape all the username and password combinations.
From there, the bad actor will try those combinations on other sites like Nest, hoping that people have reused passwords. That will let them simply log in rather than try to break into the server.
Two-factor authentication adds an extra level of security that can help prevent this sort of attack. Even if the hacker does use the correct username and password, they will likely be unable to verify the one-time use code.
Of course, in addition to two-factor authentication, using unique, complicated passwords for every service you sign up for is the best method of protecting yourself. You can use a password manager to help with that goal. Two-factor authentication, while an inconvenience, is another layer of security that can help keep you safe.
Considering we’re talking about cameras that record the inside and surroundings of your home, every layer of security you can add is a good thing to have.