A recent spate of high-profile smart home gadget hacks has a whole lot of us wondering what we can do to keep the creepers out. Easy to guess passwords? Oh hell no. Unsecured Wi-Fi networks? Gone. These are things I’ve been warning you about for years, but have you actually taken steps to make you and your family as safe as possible? Likely, the answer is, “no,” and that’s okay. It’s not easy, and that’s why we’re here to help!
“A smart home gadget is no different from your phone or your computer,” says Kelvin Coleman, executive director for the National Cyber Security Alliance. “If it’s vulnerable to being hacked, there are basic good housekeeping practices that should become second nature during this technology evolution, just like locking your front door at night.”
Lock It Down
“Locking your front door” on a digital device like a baby monitor or smart home speaker means having a good password, but there’s a big catch here. Some smart home gadgets don’t require that you set up a unique password at all, and you can plug them in and connect them to your home network (and the internet) without getting prompted to lock things down.
Many web-connected cameras, including those on baby monitors, use default login information, like “Admin” for the username and “Password” for the password, when you’re setting them up. That means anyone can connect to the camera and see what you’re doing, or even take control of it and talk to you through their built-in speakers. That’s what happened to a family in Texas that heard someone swearing at their infant through a smart baby monitor.
The first thing you should do after setting up any device that connects to the internet is head into the settings or options — this is usually done via a smartphone app or a web page — and change the account login to something unique. It’ll keep snoopers out and your family safe.
Hacked Before You Know It
One of the biggest mistakes you can make when setting up a new internet-connected gadget is using a password you’ve already used in the past. Data breaches from big companies happen all the time, and hackers collect and share huge archives of usernames and passwords openly on the web. You need to avoid using any password that might already be known to hackers.
HaveIBeenPwned and BreachAlarm are both easy, reliable ways to check on the security of your logins by entering nothing more than your email address. The sites compare your email address against over six billion compromised accounts and tells you if a login matching that email has been leaked in the past.
I have one password that was breached a few years ago, and now I get threatening emails every day that “if I don’t pay up, they’ll expose my porn watching habits to the world.” They’re trying to extort a really old password that I haven’t used in years, and with a threat that does not apply to me (no, really, it doesn’t…).” If your password or account comes up as compromised, change all passwords you use with that email to log in to any site or service. Never use those passwords again.
Also – if you think your birthday is a great password, guess again. I entered mine, and then everyone in my family’s and all of them have been breached several times. Also – check out how many times 123456 or “Password” have been breached. Conversely, see if anyone has ever tapped into a new password that you’re thinking of using before you put it into play. It’s time to get creative, and if you have to, keep your passwords on a good old fashioned spreadsheet.
If your smart home system supports it, always use two-factor authentication (or “2FA” for short) for an added layer of security. 2FA requires two forms of verification when accessing an online account, so you need to enter your password as well as a secondary code that’s sent to your email or phone. A hacker would need access to both of those to breach your security, making you much more secure.
A more drastic move includes setting up a separate home network for your smart home devices, separate from the one your computer and smartphone uses. “Consider setting up a separate network just for your [smart home] devices,” says McAfee Chief Consumer Security Evangelist Gary Davis. “This way, even if a device is compromised it will be difficult for the attacker to leapfrog to other data-rich devices on the same network, like computers and smartphones.”
Say No-Way to Wi-Fi
Some smart home companies have gotten wise to the tricks of hackers and come up with some stellar alternatives. Cameras can be smart without putting the video feed through a potentially vulnerable Wi-Fi signal.
Infant Optics is one of the most popular makers of video baby monitors, and its cameras ditch Wi-Fi in favor of a dedicated wireless signal that connects its camera to a portable screen. The smooth real-time video and sound never travel over the internet, and it simply can’t be accessed by anyone online. Motorola’s high-tech baby monitor works the same way, with a large “Parent Unit” video display and two-way audio, all without using the internet.
Have more tips to secure your smart home? Be sure to share them with us in the comments section!