In a recent study, every connected home security system tested by HP contained significant vulnerabilities, including but not limited to password security, encryption, and authentication issues.There's no excuse for not using, say, a SMS message to a cell phone as a 2 factor authentication. I'm a big fan of that.*
HP's Fortify on Demand security service assessed the top 10 home security devices – such as video cameras and motion detectors – along with their cloud and mobile application components. It uncovered vulnerabilities in all of them. None of the systems required the use of a strong password, for example, and 100 per cent of the systems failed to offer two-factor authentication.
Manufacturers are under pressure to release security systems that deliver remote monitoring capabilities. Ironically, however, the network connectivity and access that are necessary for remote monitoring mean the security risks associated with such systems are significantly greater than those associated with older, disconnected systems.I guess it's too much to ask that manufacturers are under pressure to make their security system actually, you know, secure.
*If you use online banking, I strongly recommend you turn that feature on.