How to keep your smart home safe from hacking

SafeWise experts have years of firsthand experience testing the products we recommend. Learn how we test and review

Reviewed by IT security expert Pete Canavan

While smart devices can make daily tasks easier, connecting everyday devices to the internet means there’s a potential for unwanted cyber intrusion.

It’s important to first size up the security of each connected product you bring into your home. Once everything is online, take the following precautions to keep your smart home safe.

1. Choose devices wisely

As you look for smart home devices, check to see that they have security features in the first place. Most major brands shouldn’t pose a problem on this front, but it pays to see if there are reviews from reputable publications if you come across an unfamiliar brand. Mozilla's *privacy not included guide is a good place to start.

When possible, choose Power over Ethernet (PoE) devices instead of wireless ones since PoE is the more reliable and secure choice. A hacker must get past your network's firewall to hack into a PoE device, which is a lot harder than busting into a Wi-Fi connection.

Light Bulb
Update often
After you get the devices you want, take time each month to check for updates. And as tempting as it may be to snooze (or ignore) update notifications, these updates strengthen your line of defence against malware and other online threats

2. Change default username

As you tap through the smartphone app to set up a device, make sure it doesn’t create a default username or account for you. This is especially true for wireless routers that help your smart home run smoothly, not just smart devices themselves.

One of the first things hackers look for is a list of default usernames (like 'admin'), which does half of their work for them. Changing the default username gives you more breathing room and takes you off the list of easy targets.

Light Bulb
A dying breed

While some smart devices still use default usernames and passwords, it’s falling out of practice as companies look to create more secure devices for informed consumers. Instead, you’ll probably create an account using your email address, which isn’t as readily available to hackers.

3. Use strong passwords

Don’t lock your smart home behind a cheap luggage lock when it needs a deadbolt. The best thing you can do is to set up a secure password using a password manager. With a password manager, you don’t have to remember dozens of passwords or hit the “Forgot your password?” link each time you log in.

Most password managers generate random passwords that are difficult for hackers to crack, even with the best tech. The password manager also helps you track how long since you last changed your password. Changing passwords a couple of times a year helps keep hackers at bay.

Make sure you create an extra-strong master password to ensure the password manager doesn't get hacked. Otherwise, hackers will have all of your passwords at their fingertips.

If you share smart home devices with other members of your family, make sure they each have their own account (rather than passing along a shared password for one account).

Bell
Strong doesn’t mean needlessly complex

A strong password doesn’t always need numerals and special characters unless your smart device sets those conditions. Where possible, use a passphrase of at least six random words with spaces between them, which is easier to remember than a string of numbers and characters. 

4. Use two-factor authentication

When you enable two-factor authentication, it’s a lot like a second password in case a hacker gets past your username and password. Even if they input the right login info, they won’t get access without a special code (usually sent via text message or email). The best part is that you get a notification of suspicious activity so you can change your password.

Most smart devices don’t have two-factor authentication, but Ring, Google Nest, and other large manufacturers do. If your product doesn't offer it, it’s a good idea to use a password manager with two-factor authentication.

woman working on phone and laptop from coffeeshop

5. Avoid public Wi-Fi for remote access

Public Wi-Fi networks are not secure because a hacker can monitor unencrypted traffic and send out malware. All online activity is vulnerable, including when you control smart home devices.

For quick commands, like turning on the lights at night or locking your smart lock, you won’t use much data, so it’s better to use your mobile data instead of a public network.

For more intensive tasks like streaming from security cameras and video doorbells, a mobile network should work fine, but finding a secure Wi-Fi network is ideal if you don’t have lots of data.

If you must use an unsecured public Wi-Fi network, use a Virtual Private Network (VPN) to encrypt your data so watching eyes can’t read it. 

6. Check app permissions

Some smart home apps collect data about how you use them. Look into what it’s gathering and deny app permissions if you don’t use specific features like location data and Bluetooth connectivity.

One of the biggest advantages of smart home devices is that they talk to each other, but this can work against your security.

  • When you get rid of a device, or it stops working, make sure to unlink it from the rest of your smart home devices so a hacker can’t use it as a backdoor into your system in the future.
  • If you get a new smartphone, it’s worth removing the smart home apps from your old phone.

Whether or not you choose to protect your smart home on the digital front is up to you. But we think the extra effort is worth it.

John Carlsen
Written by
John Carlsen

Recent Articles