Security cameras are a great way to observe your home while you’re away, whether you’re monitoring your pets, watching for intruders, or just making sure your packages arrive safely at your doorstep—and stay there. But if you don’t take care to secure your cameras, hackers can gain access to them and start observing you. Fortunately, camera manufacturers offer easy ways to harden these devices against attack. We’ll show you the basic steps to protect your privacy.
One of the most common mistakes people make is to reuse the same password on more than one device or service. If one manufacturer or service provider suffers a security breach that exposes usernames and passwords, hackers will try and use those stolen credentials to gain access to other devices and service accounts. This happened to Roku customers recently, through no fault of Roku.
Shopping for a home security camera? You’ll find TechHive’s recommendations at every price level in our best home security camera roundup.
In one example involving security cameras specifically, a California family’s Nest camera received a fake warning of a North Korean missile launch. In another situation, two men were indicted for hacking Ring cameras to livestream swatting raids. That’s not to say hackers can’t gain access to your camera by exploiting known vulnerabilities in the manufacturers’ hardware or software; but in these two cases, neither Nest nor Ring was directly responsible for the attacks. The security lapses were traced back to the cameras’ respective owners.
If you’re now ready to throw your security cameras out the window, don’t fret. There are several ways you can protect your security camera—and your home—from being hacked. We consulted Vladimir Daschenko, a security evangelist at Kaspersky, to make sure we were on the right track.
our overall favorite home security camera
Arlo Pro 5S 2K (model number VMC4060P)
Read our review Price When Reviewed: $249.99 Best Prices Today: $179.99 at Amazon | $179.99 at Best Buy | $179.99 at Home Depot
1. Change your security cameras’ default passwords
A lot of security cameras come with default passwords, mostly to make the initial setup a little easier for new users. But since these are so easy to guess, changing the factory-set password is one of the first things you should do.
Daschenko recommended using a complex password for the device as well as any associated applications or services. The password should either be a random nonsensical phrase or have a long string of characters (both lowercase and uppercase), numbers, and symbols.
Daschenko also recommends using complex passwords for the email address that’s associated with the security camera (which you should be doing anyway). Otherwise, hackers can access your email account, send a password reset to that email address, defeating the entire purpose of that complex password you just set.
2. Use a password manager
If you have trouble remembering all those complex passwords—don’t worry, we all do—then consider using a password manager. Password managers allow you to have multiple unique passwords for every service you use without needing to memorize all of them.
Your password-manager login is encrypted, so all you need to remember is one single master password. There are quite a number of different password managers on the market; we recommend taking a look at PCWorld’s recommendations for the best password managers, so you can pick your favorite.
our favorite budget security camera
Wyze Cam v4
Read our review Price When Reviewed: Introductory price: $29.99 + shipping; MSRP: $35.98 Best Prices Today: $35.98 at Wyze Labs
3. Set up multi-factor authentication
In addition to using complex passwords, Daschenko also advises using two-factor authentication. This adds an additional layer of security to access your security camera. If you opt in to this, you’ll get a single-use passcode via text message, email, or an authenticator app that you’ll need to enter in addition to your usual username and password. It’s generally preferable to use an authenticator app, as it’s less likely to be accessed remotely compared to text message or email.
Security cameras that offer two-factor authentication include the ones from Google, Ring, Eufy and Wyze. If your security camera doesn’t offer two-factor authentication, then definitely get it for your email (which, again, you should have anyway).
4. Update the camera’s firmware
One of the biggest mistakes that most security camera owners make is they just plug it in, set it up, and then forget about it. Software bugs and security vulnerabilities get discovered all the time, so it’s important that you regularly update your camera’s firmware.
These updates will patch known vulnerabilities, so you can stay ahead of the hackers. Some cameras will download updates automatically; others might require a manual update. Either way, it doesn’t hurt to check your camera’s settings every so often to make sure your firmware is up to date. The same goes for the camera’s monitoring software.
our favorite floodlight camera
Eufy Floodlight Cam E340
Read our review Price When Reviewed: $219.99 Best Prices Today: $169.99 at Amazon | $189.99 at Eufy US | $219.99 at Eufy
5. Enable end-to-end encryption
In addition to making sure your camera adheres to up-to-date security protocols and encrypts private information such as your username and password, you should also enable end-to-end encryption if your camera has this feature. This essentially ensures that no third parties will get access to your videos or live feeds. Ring is an example of a manufacturer that supports end-to-end encryption, but you need to turn the feature on—it defaults to being disabled.
6. Stay informed
Last but not least, it’s worth doing a bit of research on your security camera manufacturer every once in a while to see if there are publicly known cases of vulnerabilities. “Try to analyze how the vendor responded to them,” said Daschenko. “If the vendor fixed everything, went public, and admitted their mistakes, then they can be trusted.”
Daschenko also recommends finding out if the vendor’s website has a section dedicated to cybersecurity issues. “This suggests that the vendor pays attention to this and works more closely with third-party researchers,” he said.
