back to article Hands up who reuses the same password everywhere, even with your Nest. Keep your hand up if you like being spied on by hackers

Nest has urged its customers to not reuse passwords between their smart home gizmos and other websites and services. This comes after miscreants were spotted taking usernames and passwords leaked or stolen from other websites, and using them to attempt to log into Nest accounts and hijack the internet-connected home gadgets, a …

  1. The Oncoming Scorn Silver badge
    Holmes

    Change Of Address

    New home, WiFi was set up with new unique passwords, new Nest password changed (I think - I'd better double check that later) & the electronic door lock account was created afresh.

    Icon - Sherlock obviously.

    1. Velv Silver badge
      Terminator

      Re: Change Of Address

      Call me paranoid, but when I moved home I changed all the physical locks on the new property never mind anything with software or passwords.

  2. chivo243 Silver badge

    16 security cameras dotted around their home!

    They are either paranoid, live in a shitty area, or have mucho disposable income...

    1. Velv Silver badge
      Paris Hilton

      Re: 16 security cameras dotted around their home!

      There are "homes" on the Internet that have such numbers of cameras dotted around the place. I believe you have to pay for access to the cameras though...

    2. LucreLout Silver badge

      Re: 16 security cameras dotted around their home!

      16 seems like a vast amount of overkill for security - I'm pretty sure my whole street doesn't have 16 cameras in it yet.

      I can only assume it was to enable the working spouse to watch baby's first steps or some such from wherever they were? Or for keeping a distant eye on an elderly relative in case of falls?

      1. J.G.Harston Silver badge
        Black Helicopters

        Re: 16 security cameras dotted around their home!

        "I'm pretty sure my whole street doesn't have 16 cameras in it yet."

        That's what they want you to think.

  3. Martin Summers Silver badge

    Or they could be really decent like other services I've used who have run a comparison of their hashed passwords table against data dumps and disabled any account matches.

  4. Flakk
    Trollface

    Nest could, of course, do more

    I am amazed that it does not force returning owners to watch a five second advert on the keypad screen prior to allowing them to enter their PIN.

    1. DougS Silver badge

      Re: Nest could, of course, do more

      I'm sure Google engineers are busy adding that "functionality" as we speak.

  5. Anonymous Coward
    Anonymous Coward

    My username & passwords are easy to remember.

    Username is "username" and password is "password". I never have to remember what I might have used where, it's the same everywhere I go!

    *The sarcasm causes my head to explode like a melon under a dropped anvil*

    1. W.S.Gosset Bronze badge

      Re: My username & passwords are easy to remember.

      Pfft. Tryhard. "admin"/"admin" for me.

      1. LucreLout Silver badge
        Joke

        Re: My username & passwords are easy to remember.

        Pfft. Tryhard. "admin"/"admin" for me.

        Admin implies control. Since I got married I'm merely "guest".

  6. AlexGreyhead
    Coat

    TITSUP

    Total Inability To Secure Ur* Property

    * Sorry for the awfulness of the spelling. I'll get my coat...

    1. John Robson Silver badge

      Re: TITSUP

      User's?

  7. Anonymous Coward
    Anonymous Coward

    How to make a nice password

    1. Mash keyboard and number pad and caps lock

    2. Copy results

    3. Paste

    Better copy that down somewhere too.

    p982hvg9o^96fF0P7565d

  8. Flywheel Silver badge
    FAIL

    2FA via SMS? Srsly?

    I don't password share and I knew it was inevitable that I'd have to switch 2FA on at some time, but I was mightily disappointed that Nest only allow a code via SMS. No one-time password option like Google offers?! Hopefully the crims will not try and get my phone SIM reset...

    I like (not love) Nest when it works, but they seemed to have seriously lost the plot when it comes to security.

  9. mdubash

    Luddie mode on?

    Hate to sound like a Luddite - but the alternative is not to fill your house with shtuff that not only steals your data and listens to you all the time so as to fill your head with advertising, but also costs money, needs managing, and becomes deliberately obsolete within three years.

    Who needs that level of tech management at home?

    1. Velv Silver badge
      Boffin

      Re: Luddie mode on?

      Having had a relative recently move into care, I deployed several cameras (and other IoT devices) to the empty property to monitor it. Kit was cheap enough to explore the technology with a legitimate excuse.

      Will I move it to my occupied property when the empty property is sold? Not sure yet.

  10. Anonymous Coward
    Anonymous Coward

    Let's stop pretending email/password login is a good idea

    Email&password is such a poor choice for securing stuff these days. As demosntrated in the article, it just doesnt work. Sadly, like many IT issues, its the users that get the blame not the IT industry taking resposibility. For example, systems that send SMS codes etc are far more effective and consumer friendly

  11. adnim Silver badge
    Joke

    Same password everywhere

    different user name

  12. a well wisher

    "Rishi Chandra, general manager of the Google-owned smart home outfit, sent an email to all Nest customers on Wednesday" - Must have used second class email as no such email received here yet

  13. J.G.Harston Silver badge

    I accidently logged into a forum as somebody who had used my PC a couple of years ago as Firefox had remembered his details and I wasn't alert enough selecting the correct autocomplete name. After logging off I found how to clear the saved details, in going through I found loads of logon details that I had no memory of. But, most scarily, my HMRC logon details were there. Just one keypress (then Enter) would have logged you on as me.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019