Consumers are at risk of being targeted by hackers because of security flaws in smart doorbells.
Devices sold on Amazon and eBay are easily hacked or switched off. Amazon removed a few products from its list after this finding.
Some brands tested were Qihoo, Ctronics and Victure and they showed flaws on weak password policies and a lack of data encryption.
Two devices in this test could be manipulated to steal network passwords and hack other smart devices inside the same house.
Victure Smart Video Doorbell is Amazon’s most sold smart doorbell and it was found that it sends user’s home network names and passwords unencrypted to servers in China.
Lisa Forte, a specialist in cyber-security testing, said: “The more connected devices you have in your home, the more ‘doors’ there are for cyber-criminals to open.” and “If you have decided to purchase a smart doorbell, make sure it is from a well-known, trusted brand. When you set it up change the default password to something long, and if possible enable two-factor authentication in the set-up”.
2FA is a secondary step to the log-in process that sends a code by an email or a text.
Now, when buying a new smart device for your house, pay attention to its specifications, search more about the brand and always use 2FA!
Source: BBC UK
Written by: Júlia Bittencourt