back to article Video intercom firm Doorbird wants $80 for device password resets

Video doorbell company Doorbird charges its customers $80 for a remote admin password reset, an outraged customer has said. Robin Hunt told The Register: “I bought a DoorBird IoT intercom. Then my mobile phone broke, which had the admin password on it, so I mailed them and asked what to do.” The company responded by sending …

  1. Martin 47

    Spending $350 on a doorbell has demonstrated your a sucker, all they are doing is having another dip in the suckers pockets, pretty standard practice really.

    No point in looking for suckers unless your going to milk 'em dry.

    1. Anonymous Coward
      Anonymous Coward

      Dont worry Sir.

      It's OK , Sir. You're what us tech types refer as a "Computer User, Not Technical".

      The error you have is called an I.D.10.T error and the reason is that the chair to keyboard interface has malfunctioned.

      Knowing that, Sir, does that make $80 any less of a bitter pill to swallow?

  2. TRT Silver badge

    If you don't keep the paper...

    Well keep hold of the bit of paper then! I know, not exactly on the list of things to do with passwords...

    1. VinceH
      Facepalm

      Re: If you don't keep the paper...

      Or you could copy the password from that bit of paper to your password manager.

      We all do use password managers, don't we?

      Don't we?

  3. Anonymous Coward
    Anonymous Coward

    What idiot would buy this crap in the first place?

    Oh yea, they do call it IoT (Idiocy of Trash). Could be worse I suppose, in that it isn't as stupid as providing building entry via IoT. Oh wait, it is that stupid. Why not just nail a door key to the front of the door, or just remove the lock?

  4. Anonymous Coward
    Facepalm

    Logic fail

    > My bank doesn't charge me $80 for a password reset!

    In other news, Ferrari owners complain that the cost of a service and oil change is more than for a Ford.

    1. Anonymous Coward
      Anonymous Coward

      Re: Logic fail

      Not if they go to Jiffy Lube!

    2. Phil O'Sophical Silver badge

      Re: Logic fail

      Never mind the service, what would Ferrari charge to get you back into your car if you lost your keys? More than $80 I'd guess.

  5. heyrick Silver badge

    Because this process is attended to us with considerable effort,

    Yeah. It's hard to click a few buttons on a form...

    I'm surprised the default password isn't printed on it so a factory reset (which ought to be a local operation, like power up with a button held or something) will restore it. Needing to contact the mothership for that means... well, I'd toss the thing in the bin.

    1. Anonymous Coward
      FAIL

      Re: Because this process is attended to us with considerable effort,

      "(which ought to be a local operation, like power up with a button held or something) will restore it"

      Yes, that's a superb idea for something that is stuck on the outside of the house.

      1. John Brown (no body) Silver badge

        Re: Because this process is attended to us with considerable effort,

        "Yes, that's a superb idea for something that is stuck on the outside of the house."

        I've not seen the device and may be making an unwarranted assumption, but sure a $350 device will be on the inside of the house with the just the bell push/camera on the outside?

        1. Doctor Syntax Silver badge

          Re: Because this process is attended to us with considerable effort,

          "I've not seen the device and may be making an unwarranted assumption, but sure a $350 device will be on the inside of the house with the just the bell push/camera on the outside?"

          That's what I thought. But a little investigation shows that it is entirely external. All it does is replace the bell-push with a combined internet-connected bell-push/camera/entry-phone box.

          I like the instructions: remove the bell-push. You will see at least two wires. Connect it to these two wires. [My emphasis]

          1. John Brown (no body) Silver badge

            Re: Because this process is attended to us with considerable effort,

            "That's what I thought. But a little investigation shows that it is entirely external. All it does is replace the bell-push with a combined internet-connected bell-push/camera/entry-phone box."

            Ta for that. It's just gets worse...

      2. User McUser
        Meh

        Re: Because this process is attended to us with considerable effort,

        Yes, that's a superb idea for something that is stuck on the outside of the house.

        Pro tip - don't put the reset button on the part of the thing that's outdoors! Put that button on the inside parts where it will be safe.

        1. Swarthy
          Trollface

          Re: Because this process is attended to us with considerable effort,

          Yes, that's a superb idea for something that is stuck on the outside of the house.

          Did you not see the IoT bit? That means that a publicly readily accessible master rest to default admin password ('admin' more than likely) is SOP.

  6. Anonymous Coward
    Anonymous Coward

    Companies only put charges like this on

    When they don't want to have to do it. In truth the measures they are taking are fairly robust, the only complaint here seems to be the charge - but this is partly down the the user, who's apparently keen on IoT not wanting to share their e-mail address with them.

    Ironic as they're happy to have an IoT device control who can swan into their house.

    1. rjmx
      Go

      Re: Companies only put charges like this on

      Hmmm. I wonder if the price might help deter a would-be burglar? You know, call the company, claim you're the homeowner, and try and get them to give you the password?

  7. chivo243 Silver badge
    Facepalm

    I have a large paper folder

    Pffft n00bs.... or millennials (everything's in the cloud init?)

    Filled with all the documentation and warranty info for every device I've ever purchased in the past 20 years. Even some devices I no longer own...

    As the little woman has bought a mulit-functional, I have been toying with the idea of also scanning this info as well.

    1. Locky

      Re: I have a large paper folder

      One of the few things M$ did right, OneNote

      Take photo of recipt and useful password doc with your fruit based device, add to folder. Job done

      1. GregC

        Re: I have a large paper folder

        Take photo of recipt and useful password doc with your fruit based device, add to folder. Job done

        And say hello to Jason Isaacs?

        1. Locky

          Re: I have a large paper folder

          It's quantum, baby...

      2. Dale 3

        Re: I have a large paper folder

        Or take photo, email it to self. If you use Gmail or a similarly cloudy provider, it's now instantly available even when travelling. Assuming you trust the security of Gmail.

  8. Cereberus

    Lesson teaching perhaps

    It might seem extortionate at $80 but considering the time in doing the checks, cost of delivery via courier, etc. it isn't as unreasonable as it sounds. Let's be honest, you are more likely to take care of the password or complete the registration details if you know you are going to be charged that much for a reset.

    Don't forget if you have registered an email address the reset is done free of charge.

    3 points do spring to mind though:

    1) If you pay for the reset they could offer a discount for sending it to an email address, as there are no courier costs

    2) You should be able to change the password to one you would remember, then you aren't as likely to forget it if you lose the device you have it stored on, albeit not a guaranteed solution

    3) Use a password manager which works across multiple devices, or store a copy of the file on multiple devices. Discounting the risk of the password manager being hacked would you store your passwords on a single small portable device which is open to breaking down, being dropped and damaged, lost, stolen..... as the single source for these passwords?

    1. Doctor Syntax Silver badge

      Re: Lesson teaching perhaps

      "it isn't as unreasonable as it sounds"

      My first reaction to the headline was that this adds a new meaning to lock-in. But overall I think you're right: they're doing as much as they can to ensure the user's security and that must incur costs. It will also encourage the user to take better care in the future.

      OTOH would I wish to qualify for their customer service? No. A hardware lock and the doorbell that's been there for most of the last 50 years does the job fine. The only extra expenditure was a new bell-push.

  9. Hans 1
    Happy

    Sad, really, this story.

    The company are clearly doing the right thing, punter did not get the basics right, although it is not quite clear IF he changed the admin password:

    1. Change admin password.

    2. I back my phone up, regularly.

    3. I add the factory password to my password manager, I write the procedure to reset the device into a file on my NAS, that is regularly backed up to another drive that is usually offline (when not used as backup), then destroy the piece of paper with password before discarding it.

    Then again, why buy a doorbell with internet access, that is asking to be burgled!

  10. ben kendim

    Roll your own garage door remote

    Beaglebone: $39

    Relay, wires: a couple of bucks.

    Time to code and install: half an hour.

    Being independent of some company: priceless.

    1. Anonymous Coward
      Anonymous Coward

      Re: Roll your own garage door remote

      Being hacked through a stupid typo and thus unable to claim insurance: priceless - but for the insurance.

      Never forget liability loopholes if you cook things up yourself..

      1. heyrick Silver badge

        Re: Roll your own garage door remote

        "Never forget liability loopholes if you cook things up yourself..

        Never forget the tiny print probably disclaims any and all liability for something somebody else cooked up, so are we any further forward?

    2. John Brown (no body) Silver badge

      Re: Roll your own garage door remote

      "Beaglebone: $39

      Relay, wires: a couple of bucks.

      Time to code and install: half an hour.

      you forgot...

      Time to learn how to code: 3 months for your average IoT purchaser

      (I may be being optimistic)

      1. Neil Barnes Silver badge

        Re: Roll your own garage door remote

        Time to learn how to code: 3 months for your average IoT purchaser

        Oh, two months longer than the time for the average IoT developer, then?

  11. Anonymous Coward
    FAIL

    Lose your house keys....

    ...see how much a locksmith charges to replace it.

    Maybe he'll be happier if they just reset the password to anyone that contacted them by twitter.

  12. Keith Langmead

    Somewhat different...

    > My bank doesn't charge me $80 for a password reset!

    Except your bank also wouldn't let you setup your account in the first place without providing ALL of your details, and if you'd provided those details this wouldn't be an issue! They're not charging $80 for a password reset (there's nothing stopping you resetting your own password... you just need to not lose it), they're covering their costs while they make absolutely bloody certain you are who you say you are and ensuring they don't accidentally become the next security blunder headline.

    1. DougMac

      Re: Somewhat different...

      And my bank (although perhaps not all), would require me to go to a branch, talk to a branch manager, show my ID, prove who I am, in order to reset my PIN or online password.

      They don't charge, but you can't just do it over the phone or email or twit or whatever.

  13. Anonymous Coward
    Anonymous Coward

    If it was me I would be pissed off but I'm with Doorbird on this.

    You can't just expect a company to give you the password without security checks. This is America and I'm pretty sure if someone had control of your email address and emailed doorbird then they gave them the password that doorbird would be sued and you would be a lot more than 80 dollars worth of pissed off.

    1. Warm Braw

      You can't just expect a company to give you the password

      No, but if you have physical access, dismantling the device apparently gives you access to the contacts for the door release. So you could have a button inside to reset it to a default password without significantly changing the security offered, I would think.

      1. kain preacher

        And at thatpoint thieves will figure that out and armed with the default password rob you blind. It's like having an ATM with hard wired technician password that gets plastered on the net.

  14. Anonymous Coward
    Anonymous Coward

    Stops mass demands for passwords..

    Look at the perspective of a thief: having to pay is going to stop thieves from firing bulk demands for reset at this outfit.

    It's IMHO not *that* outrageous, although it probably would be better that they print big fat warning notices on the password paper.

  15. Anonymous Coward
    Anonymous Coward

    Open The Pod Bay Doors Hal

    I'm sorry, Dave. I'm afraid I can't do that. Unless you pay $80.

    But I don't carry $80 in a space suit.

    Dave, this conversation can serve no purpose anymore. Goodbye.

  16. anthonyhegedus Silver badge

    Sounds fair enough to me, just because you physically can't see something, doesn't mean requires no effort to fix. You have to pay for lost keys, that sort of thing. Why should you get all work done for free just because you can't actually see the work being done?

    The point is that people need to be re-educated, and in this IoT economy, we are going to see more and more of this sort of thing happening. That's apart from the fact that spending more than £15 on a doorbell should be illegal.

  17. Starace

    The guy is an idiot

    A password reset is free if you registered your device which gives them a verifiable link between the device and your contact details.

    A password reset if you've managed to lose the password *and* didn't register is charged because they make a lot of effort to verify who you are without the benefit of the cheap verification that registration would give.

    Or would he really prefer they just hand over access to random people with no checks of anything?

    PS the headline is as misleading as the guy is stupid - password resets are free. Security verification for resets of unregistered devices is not.

  18. s. pam Silver badge
    Pint

    Idiots Of The...

    World only have themselves to blame for being such fucktards as to buy the damn thing in the first place.

    My last doorbell came from B&Q, for £12. Works well, when it dies, I'll repeat the cycle. The spare dosh I'll used to raise a glass to the IoT wienies!

    1. Doctor Syntax Silver badge

      Re: Idiots Of The...

      "when it dies, I'll repeat the cycle"

      Tip. When it dies just check it isn't the bell push that's corroded. You could save yourself most of that £12.

    2. tiggity Silver badge

      Re: Idiots Of The...

      I save the 12 quid - visitors have to knock on my door

      1. Dominion
        Pint

        Re: Idiots Of The...

        I'd buy you a pint, but I've long since spent the 12 quid I saved by not having a doorbell on beer for myself...

    3. Dale 3

      Re: Idiots Of The...

      £12 gets you a doorbell that you can only respond to while you're at home. I understand the main novelty of this device is that you can respond to a caller when you're not at home - either it makes it look like you are at home and just too lazy to come to the door (maybe it might dissuade a burglar, maybe), or you can let a trusted visitor in without having to be there yourself. Personally I'm not interested in either of those usage cases so I'd be there with you and the £12 bell, but there are probably a few people for whom those novel uses would be appealing.

  19. Anonymous Coward
    Anonymous Coward

    We must all understand

    that suckers are an invaluable economic resource. Best part of it is that unlike oil, coal and the rest, it's renewable. Complete idiots can be used several times during their active life.

  20. Anonymous Coward
    Anonymous Coward

    Extortion?

    Nah ... I prefer to think of it as an idiot tax.

  21. W4YBO

    "DoorBird has yet to respond to The Register’s emailed enquiries."

    Did you include the $80 fee?

  22. cortland

    The chalice from the palace?

    Computer User Non Technical [Giving Into Foolish Things.]

    http://www.dict.cc/deutsch-englisch/Gift.html

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon