Amazon Ring Doorbell Is Found to Expose Users' Passwords in Cleartext

Have you ever thought of employing a smart doorbell for your house? It is no surprise that such devices are marketed as a part of home security, and they can often be used for monitoring. However, these smart devices can also be the weak link in your security chain. Just recently, it was reported that Amazon Ring doorbells can be hacked. If they are not secured, these doorbells can easily expose your Wi-Fi password to hackers. Therefore, it is essential that you secure IoT devices at home. We all want our home to be the safest place in the world, but we also have to put some effort into achieving that.

The Amazon Ring doorbell hack

Let’s cut straight to the chase, and see what happened with Amazon Ring. The doorbell we’re talking about here is the smart video doorbell that allows the customer to see who’s ringing it. In other words, you can check who’s there before answering the door, and you don’t even need to ask. Sounds neat, doesn’t it? Someone rings your doorbell, and you immediately see the live feed on your smartphone. It can’t be more convenient than that!

However, it was recently revealed that Amazon Ring is vulnerable to potential hacking attempts. The problem is that this doorbell is a smart device and so it connects to the local Wi-Fi network, where all of your IoT devices are. When Amazon Ring does that, the device sends your Wi-Fi passwords in cleartext. It means that the passwords are not encrypted within the messages that are sent by this device. So, if anyone manages to hack into the doorbell, they could intercept your Wi-Fi network passwords, and from there, it is only a matter of time before the cybercriminals decide to spy upon you or launch bigger attacks on your network.

The good news is that Amazon fixed this vulnerability back in September. The bad news is that the consumers always find out about such issues post factum. To put it simply, the vulnerability might have been taken care of, but if you had used Amazon Ring prior to the patch release, there is always a chance that your network could have been tampered with. Once again, this is another proof that you must secure IoT devices at home, if you want to avoid a plethora of cyber trouble.

IoT vulnerabilities

It’s not just Amazon Ring doorbells that are admittedly vulnerable to potential hacks. The entire Internet of Things at your home could be prone to various cybersecurity issues. The funny part is that most of those issues could be prevented if only you secured IoT devices at home. The main problem with IoT arises when we use default passwords.

Consider this, we have recently talked about IoT statistics, and we established that the market is expected to grow tremendously by 2025. We will probably relegate more and more functions to smart devices across our homes. And we’re not talking just about Amazon Ring doorbell here. Think about smart refrigerators that connect to the Internet and order groceries from an online store. Think about smart baby monitors that keep your little ones safe. Even something as simple and ordinary as a Bluetooth speaker is also part of the local IoT, and every single device has to be secured so that hackers wouldn’t trespass into your network.

When we purchase new devices like Amazon Ring doorbells, we have to remember that these gadgets come with default passwords. Default passwords are often really easy and not safe at all. They are there to make the setup easier. However, once you set up your device, you have to change the password, too.

The longer and the more complicated the password is, the better. It goes without saying that coming up with unique passwords for every single device is a draining task. Not to mention, no one expects you to keep all of your passwords jotted down in your notebook. In fact, it would be a bad idea to keep your passwords on paper.

So, where in the world are you supposed to keep them? It’s not like you can memorize every single password, right? To tell you the truth, you can always employ such tools as Cyclonis Password Manager. You might say that this free tool is only for computers and mobile devices, but if you were to take a closer look at its functions, you would see that it can also help you generate new passwords, and it can store them in Private Notes. The information you enter in Private Notes, like your Wi-Fi passwords and your IoT device passwords, are automatically encrypted, and you can also sync your Private Notes across different devices. Simple, isn’t it?

On top of that, you can also generate strong passwords with the Password Generator, and that is probably the most efficient way to come up with passwords that will secure IoT devices at home. So, the sooner you employ this tool, the better.

To take everything into account, Amazon Ring is just a small part of a growing security issue. We have to understand that sometimes even our smart lightbulbs could leak our passwords. Therefore, we have to continue raising awareness about cybersecurity and how we have to implement basic security measures. It’s really not that hard, but users often fail to take action because they think hacking is a very distant problem, and it won’t happen to them.

But they couldn’t be more wrong. In the age where information is the most expensive commodity, no data is useless. And if you have a device that shares or stores information, you have to consider the possibility that someone might try to hack it.

If you feel at a loss when you are presented with multiple security options, you can go through them all one by one, looking at all the pros and cons. It would also be a good idea to address a professional who would offer you the best solutions based on your needs and your individual IoT network.

December 11, 2019

Leave a Reply