We refocused and expanded our previously meager tips with more specific information rather than general guidance. We also added tons of links to resources that can help make your smart home more secure against hackers.
As smart home popularity and curiosity keeps growing, questions around the security and privacy of connected devices are more prevalent. While smart devices can make daily tasks easier, connecting everyday devices to the internet means there’s a potential for unwanted cyber intrusion.
Security for the Internet of Things (IoT) is a hot topic, with news like the recent Ring hacks making national headlines and other articles warning consumers to be wary of smart home security. These articles are alarming whether you have a full-fledged smart home system or you’re just beginning to research how to add connected devices to your home.
It’s important to first size up the security of each connected product you bring into your home. Once everything is online, take the following precautions to keep your smart home safe.
6 Steps to Protect Your Internet Connected Devices
As you look for smart home devices, check to see that they have security features in the first place. Most major brands shouldn’t pose a problem on this front, but it pays to see if there are reviews from reputable publications if you come across an unfamiliar brand.
After you get the devices you want, take time each month to check for updates. And as tempting as it may be to snooze (or ignore) update notifications, these updates strengthen your line of defense against malware and other online threats.
2. Change Default Username
As you tap through the smartphone app to set up a device, make sure it doesn’t create a default username or account for you. This is especially true for wireless routers that help your smart home run smoothly, not just smart devices themselves.
One of the first things hackers look for is a list of default usernames, which does half of their work for them. Changing the default username gives you more breathing room and takes you off the list of easy targets.
A Dying Breed
While some smart devices still use default usernames and passwords, it’s falling out of practice as companies look to create more secure devices for informed consumers. Instead, you’ll probably create an account using your email address, which isn’t as readily available to hackers.
3. Use Strong Passwords
Don’t lock your smart home behind a cheap luggage lock when it needs a deadbolt. The best thing you can do is to set up a secure password using a password manager. With a password manager, you don’t have to remember dozens of passwords or hit the “Forgot your password?” link each time you log in.
Most password managers generate random passwords that are difficult for hackers to crack, even with the best tech. The password manager also helps you track how long since you last changed your password. Changing passwords a couple of times a year helps keep hackers at bay. Learn more by reading our password manager reviews.
If you share smart home devices with other members of your family, make sure they each have their own account (rather than passing along a shared password for one account).
Strong Doesn’t Mean Needlessly Complex
A strong password doesn’t always need numerals and special characters unless your smart device sets those conditions. Where possible, use a passphrase of at least six random words with spaces between them, which is easier to remember than a string of numbers and characters. To learn more about creating passphrases, check out this helpful page about Diceware.
4. Use Two-Factor Authentication
When you enable two-factor authentication, it’s a lot like a second password in case a hacker gets past your username and password. Even if they input the right login info, they won’t get access without a special code (usually sent via text message or email). The best part is that you get a notification of suspicious activity so you can change your password.
Most smart devices don’t have two-factor authentication, but Google Nest*, Ring, and Arlo all plan to add the feature later this year. Until this feature becomes more common, it’s a good idea to use a password manager with two-factor authentication.
Have you ever seen someone use a $100 bill at the store, only to have the cashier mark it with a special pen to see if it’s genuine? This is actually a form of two-factor authentication that works based on the type of paper in authentic and counterfeit bills.
5. Avoid Public Wi-Fi for Remote Access
Public Wi-Fi networks are not secure because a hacker can monitor unencrypted traffic and send out malware. All online activity is vulnerable, including when you control smart home devices.
For quick commands, like turning on the lights at night or locking your smart lock, you won’t use much data, so it’s better to use your cellular plan instead of a public network.
For more intensive tasks like streaming from security cameras and video doorbells, a cellular network should work fine, but finding a secure Wi-Fi network is ideal if you don’t have unlimited data.
If you must use an unsecured public Wi-Fi network, use a Virtual Private Network (VPN) to encrypt your data so watching eyes can’t read it. Check out our VPN reviews to learn more.
Boost Your Security
There’s a new type of product called a security hub that’s similar to an antivirus program, but it works across your Wi-Fi network instead of just a computer or smartphone. One of the features in security hubs we like is that they can help create a VPN for your smart home. While we haven’t tested any cybersecurity hubs yet, you can look into popular models like the Bitdefender Box.
6. Check App Permissions
Some smart home apps collect data about how you use them. Look into what it’s gathering and deny app permissions if you don’t use specific features like location data and Bluetooth connectivity.
One of the biggest advantages of smart home devices is that they talk to each other, but this can work against your security.
When you get rid of a device, or it stops working, make sure to unlink it from the rest of your smart home devices so a hacker can’t use it as a backdoor into your system in the future.
If you get a new smartphone, it’s worth removing the smart home apps from your old phone.
Whether or not you choose to protect your smart home on the digital front is up to you. But we think the extra effort is worth it.
Disclaimer *Google and Google Nest are trademarks of Google LLC.
Written by John Carlsen
John is a technology journalist with over seven years of experience researching, testing, and reviewing the latest tech. Before joining SafeWise in 2020, John was an editor for Top Ten Reviews specializing in home security and the smart home. Learn more