Earlier this year, Google put Nest users on notice that mandatory two-factor authentication was coming in the spring. Well, spring has sprung, and now Google says that two-step authentication won’t be far behind.
A post on the Google Nest Community site notes that starting this month, users who haven’t already enabled two-factor authentication for their Nest accounts or migrated to a Google account will have to start authenticating new logins via an emailed code.
According to the support thread, the six-digit code will arrive in an email from email@example.com. Without the code, you won’t be able to initiate a new login to your Nest account.
Besides the upcoming mandatory email authentication, Nest users who haven’t migrated to a Google account yet also have the option of enabling two-factor authentication with their phone numbers, which means you’d get the authentication code via SMS rather than an email message.
To do so, open the Nest app, tap Account > Manage account > Account security, select 2-step verification, then follow the prompts.
If you’ve already migrated your Nest account to Google, you can turn on two-factor authentication by going to the main Google Account page. From there, click the Security tab, then select 2-Step Verification.
Turning on two-factor authentication for any account that supports it is a wise idea. The extra layer of authentication makes it that much tougher for hackers to seize control of your account, even if they’ve managed to steal your password.
Users of both Nest and Ring cameras were subject to a variety of attacks over the past year, with hackers hijacking the camera’s built-in speakers, speaking to their kids, and (in a eyebrow-raising case) even sending a false warning of a North Korean missile attack.
In most of those instances, Nest and Ring users were vulnerable to the attacks because their usernames and passwords had already been compromised, allowing hackers to simply log into the victim’s Nest account and take control of their devices. Two-factor authentication protects against scenarios like that, as does using a strong, unique password for each of your accounts. If you need to beef up your account security, check out PCWorld’s guide to the best password managers.