Home Cyber Attack Ring Makes Two-Factor Authentication Mandatory For All Customers

Ring Makes Two-Factor Authentication Mandatory For All Customers

by Abeerah Hashim
Ring Neighbors App Vulnerability

After back-to-back security incidents, Ring – the smart device vendors, have now upped their game to ensure users’ security. Recently, they have announced numerous changes that will help users protect their privacy. Among these, the most notable step is the mandatory two-factor authentication for all Ring customers.

Ring Two-Factor Authentication Mandatory

Reportedly, Ring has announced they will make two-factor authentication mandatory for all users. In a post, Ring has shared about the introduction of numerous security changes, the most notable being the necessary 2FA.

According to the firm, two-factor authentication was already available to customers. However, they have now made it a mandatory feature for every user. It means that every user will now have to enter the six-digit one-time verification code with each login. This is applicable to every user account, including shared accounts.

The company has taken this step in an attempt to ensure account sign-ins are from valid users only. Users can choose to receive verification codes via email or SMS.

Whereas, the previously introduced feature of sending email alerts to the users on every successful login attempt will continue as usual.

Allows Managing Third-Party Services

Other than the above, Ring have also introduced new features for users to control their data privacy. While Ring has confirmed collaboration with third-party services for a better user experience, they also allow users to manage what data others collect from them.

Ring will roll out the feature regarding their sharing of information with third-party services in Spring 2020. Until then, Ring has halted its collaboration.

As stated in their blog,

We are temporarily pausing the use of most third-party analytics services in the Ring apps and website while we work on providing users with more abilities to opt out in Control Center.

The feature will also empower the users to restrict data sharing for personalized ads.

You can now opt out of sharing your information with third-party service providers for the purpose of receiving personalized ads. If you opt out, Ring will not share the information required to serve you personalized ads, though you may still see non-personalized Ring ads from time to time.

These steps come up as a result of the security incident in December 2019, where a hacker dumped thousands of users’ credentials online.

Let us know your thoughts in the comments.

You may also like

Latest Hacking News

Privacy Preference Center

Necessary

The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis.

cookie_notice_accepted and gdpr[allowed_cookies] are used to identify the choices made from the user regarding cookie consent.

For example, if a visitor is in a coffee shop where there may be several infected machines, but the specific visitor's machine is trusted (for example, because they completed a challenge within your Challenge Passage period), the cookie allows Cloudflare to identify that client and not challenge them again. It does not correspond to any user ID in your web application, and does not store any personally identifiable information.

__cfduid, cookie_notice_accepted, gdpr[allowed_cookies]

Advertising

DoubleClick by Google refers to the DoubleClick Digital Marketing platform which is a separate division within Google. This is Google’s most advanced advertising tools set, which includes five interconnected platform components.

DoubleClick Campaign Manager: the ad-serving platform, called an Ad Server, that delivers ads to your customers and measures all online advertising, even across screens and channels.

DoubleClick Bid Manager – the programmatic bidding platform for bidding on high-quality ad inventory from more than 47 ad marketplaces including Google Display Network.

DoubleClick Ad Exchange: the world’s largest ad marketplace for purchasing display, video, mobile, Search and even Facebook inventory.

DoubleClick Search: is more powerful than AdWords and used for purchasing search ads across Google, Yahoo, and Bing.

DoubleClick Creative Solutions: for designing, delivering and measuring rich media (video) ads, interactive and expandable ads.

doubleclick

Analytics

The _ga is asssociated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.

The _gat global object is used to create and retrieve tracker objects, from which all other methods are invoked. Therefore the methods in this list should be run only off a tracker object created using the _gat global variable. All other methods should be called using the _gaq global object for asynchronous tracking.

_gid works as a user navigates between web pages, they can use the gtag.js tagging library to record information about the page the user has seen (for example, the page's URL) in Google Analytics. The gtag.js tagging library uses HTTP Cookies to "remember" the user's previous interactions with the web pages.

_ga, _gat, _gid