Wyze is ready to take pre-orders for his excellent outdoor camera, but he’s not ready to take a break. After suffering a data breach last December, it has become clear that Wyze’s singular implementation of two-factor SMS authentication is not enough. Now Wyze is ready to take over Google and Microsoft authentication applications.
If you are using a security camera with remote access, you must enable two-factor authentication. As demonstrated with Ring cameras, it’s too easy to use social engineering to break into a security camera and wreak havoc.
Wyze took over SMS two-factor authentication for over a year, and for it’s better than nothing, it is not as secure as an application-based authentication solution. It is possible to steal a number or redirect SMS messages to intercept an authentication code.
And as Wyze discovered last year, when everyone depends on one system, it’s easy to overload that system. Wyze has suffered a data breach, and as part of that mitigation, it resets passwords and two-step authentication codes. It made the system text everyone at once, and it made the weight drop. Users could not reconnect because they could not retrieve the codes.
Additionally, Wyze’s SMS system only supports US-based phone numbers. If you live overseas or use an international phone number, you cannot secure your Wyze account with two-factor authentication.
In an email today, Wyze announced support for Google and Microsoft authentication apps. This allows for randomly generated codes that refresh every 60 seconds. And both apps are available in multiple countries, a step up from the SMS-based system.
According to Wyze help files, if you are already using SMS authentication, you cannot switch directly to an authenticator app. You will need to turn off two-factor authentication and then start the setup process again.
The new authentication option is available today and we are already seeing it on our devices.