Wyze is ready to take pre-orders for its excellent outdoor camera, but it isn’t prepared to take a break. After suffering a data breach last December, it became clear that Wyze’s singular implementation of SMS two-factor authentication isn’t enough. Now Wyze is read to support Google and Microsoft authenticator apps.
If you’re using any security camera with remote access, you should turn on two-factor authentication. As demonstrated with Ring cameras, it’s all too easy to use social engineering to break into a security camera and create havoc.
Wyze has supported SMS based two-factor authentication for over a year, and while that’s better than nothing, it isn’t as secure as an app-based authentication solution. It’s possible to steal a number or redirect SMS messages to intercept an authentication code.
And as Wyze found out last year, when everyone is reliant on one system it’s easy to overload that system. Wyze suffered a data breach, and as part of that mitigation, it reset passwords and two-step authentication codes. That made the system text everyone at once, and it buckled the weight. Users couldn’t log back in because they couldn’t retrieve codes.
Additionally, Wyze’s SMS system only supports U.S. based phone numbers. If you live internationally or use an international phone number, you couldn’t secure your Wyze account with two-factor authentication.
In an email today, Wyze announced support for both Google and Microsoft authenticator apps. That allows for randomly generated codes that refresh every 60 seconds. And both apps are available in multiple countries, a step up from the SMS based system.
According to Wyze’s help files, if you already use SMS-based authentication, you can’t directly switch to an authenticator app. You’ll have to disable two-factor authentication then run through the setup process again.
The new authentication option is available today, and we already see it on our devices.