In recent weeks, stories about Amazon’s Ring products being hacked have dominated headlines. The connected doorbells, cameras, and microphones have been used to spy on and harass consumers.

A big part of the problem is Ring’s poor security standards: The company doesn’t adequately protect consumers’ data, and has a bad track record managing vulnerabilities. Indeed, in Mozilla’s annual connected gift guide, readers ranked Ring products as “Super Creepy.”

Then, earlier this week, some good news: Ring announced new privacy and security features, like the ability to log out users on your account; transparency into its police department partnerships; and op-out, rather than opt-in, two-factor authentication (2FA). In December, Mozilla specifically urged Ring to require 2FA.

These are positive steps forward: privacy by default should be a baseline across the technology industry. But Ring -- and its parent company Amazon -- has more work ahead to protect consumers. For example: The opt-out 2FA rules only apply to new users; existing Ring users will remain opt-in. Ring executives say that’s because enabling 2FA across the board would temporarily log existing users out of their accounts. But we think that’s a small price to pay for privacy and security in your own home.

Are you an existing Ring user? Here’s how to turn on 2FA:

Ring 2FA instructions
Ashley Boyd

Ashley Boyd

*Privacy Not Included