Two-factor authentication has been around fro several years as an extra layer of security so that if your account is compromised then the attackers will have more difficulty getting access. Google is making plans to force users of it’s Nest platform.
Starting in the spring, all Nest users who haven’t enrolled in two-factor authentication or migrated to a Google account will be required to verify their identity via email.
When a new login for your account occurs, you will get an email from firstname.lastname@example.org with a six-digit verification code. You will then need to enter that code to confirm it’s you who’s attempting to log in. If you don’t provide the code, you won’t be able to access your account.
This change is a welcome addition after Amazon was in the news following some users reporting their ring products were hacked, Amazon said that the hacks were a result of users reusing passwords and not enabling two-factor authentication on their accounts.
In December, Google added email notifications for login attempts. Each time someone logs into your Nest account, they will receive a notification email. If you don’t recognize the login attempt, you can take immediate action, such as changing your password. Google has also added reCaptcha Enterprise to Nest accounts.
ReCaptcha has been in Gmail for sometime now and detects automated attacks and defends against them, users do not need to do anything to enable this feature.