Two Factor Authentication Requirement

Amen. It’s like having a random stranger show up at your house and installing another lock on your door without your permission. Corporate overreach at its worst. Time to toss Wyze to the curb.

2 Likes

I won’t buy a device unless it has biometric FP.

Yes. An authenticator app is the solution for non-USA customers.

There are several to choose from listed in the thread :point_up:.

Well could someone summarize them for the last 100 posts?

It is actually protecting your App and all of the options found within: Shopping, Services, Sharing, etc. Cameras are only one piece of the puzzle here.

Some also have Cameras in the house and given the climate today, having to put a 2FA when you logon, one time, is not too much of a burden to me. Remember, you are not using it to view the Live Streams or Cameras, you use it to log into the App and only have to use it again when you logout and then logon. If you logged in and close th app, you are not prompted for the 2FA again.

Just to provide some Authentication Apps I used:

  • Google Authenticator
  • Microsoft Authenticator
  • DUO 2 Factor Authenticator

My only device with biometric support is my work issued iPhone. When it was issued, the guy forced me to spend almost 20 minutes TRYING to get it to work. He said it was so great, but we went through at least a dozen iterations of set the fingerprint scan, and then test to make sure it worked with failure after failure after failure. Finally I managed to convince him that it was not going to work so next he tried to force swipe pattern on me which also was so unreliable. Wasted another 10 minutes before I finally managed to get him to allow me to just set a password…

1 Like

It is actually protecting your App and all of the options found within: Shopping, Services, Sharing, etc. Cameras are only one piece of the puzzle here.

And this is why it should be optional. Many people only use the app for cameras…or their scale…or some other single device. Requiring 2FA across the board is ridiculous, especially with the consequences that come with 2FA when a person loses their token (permanent loss of access to account). When they make this mandatory I will only use it for as long as it takes for me to replace my cameras.

4 Likes

Everyone has their opinion about it. But security is not built based on Many. If one individual’s information is compromised, that will be a negative across the board. then all of a sudden, that will be the complaint that Wyze did not secure its environment.

Been in IT for 38 years and have seen a lot, this requiremenbt is a minimal impact and can be implemeneted or turned on in a matter of minutes and then forgotten.

But I acknowledge your opposition to it and your stance.

As I stated, I err on the side of caution and facts. So I turned it on the minute it was released as a test and have never been impacted by it.

If you’ve been in IT for 38 years then I’m sure are aware that the most trusted camera manufacturers in the industry don’t even require 2FA. I’ve been in the high end home integration and automation industry for 22 years and have never seen this as a requirement from Axis, Digital Watchdog, Vivotek, or any other cameras that are used for actual security monitoring in very expensive homes and businesses. IMO, this is like requiring people who own homes to have a security system installed…you know…just because it’s safer in the long run. I get the fact that you’ve had no problems with it…but what about an older less tech savvy person who accidentally messes up their 2FA. misplaces their token, and then loses access to there account? You aren’t factoring in the negative aspects of 2FA. When you lose access there is absolutely no recourse to regain access.

3 Likes

It’s worse than that. It’s selling you the house, letting you live quietly for 3 years, and then one day surprising you with a security system and making your family deal with it every day for the rest of your life.

5 Likes

Here’s an observation. Earlier this morning, I went ahead and set up 2FA using Google Authenticator (which I already have on all three phones / tablet). Other than the Wyze app dropping me out of the 2FA setup once while I was doing the authenticator part of it, the process worked. I started the live Web view to see how much of a pain that was going to be since that routinely logs me out every time I change browser tabs, etc. As expected, I had to enter the 2FA when I started Web View, but in the last hour or so it has NOT logged me out despite LOTS of other activity on this computer.

2 Likes

Excellent points. There should be a way for someone to call in and get into their account if needed. Not sure which Cameras models you were using, but some of the vendors use PoE which in turn runs through an NVR which is accessible via your app on the phone. That NVR is secure and locally stored, so if you are mentioning these, they are different.

In either case, I fully support 2FA. But if it stays as an option, I think an acknowledgement needs to be in place to make individuals know the risk.

BTW: I have lost my 2FA in the past and was still able to recover via one of the codes or even calling in and proving it was me - took a bit, but was able to do it.

My understanding is it will work on all North American phone numbers which would include Canada but I will check.

Woe be to those who let a spouse or other trusted person log into a WYZE account using a shared ID and shared Password so that both persons can use all of the WYZE app’s features on their individual mobile phones. It is my current expectation that the WYZE account will only allow one primary SMS phone number or one Authenticator (linked to a specific phone) to be used for the authentication process; thus, the second person is locked out from having full access to the account on their phone. The WYZE account “sharing” process does not provide full access via the WYZE app. For example, none of the rules for activating and deactivating device notifications are shared, which can radically affect the alarmed and disarmed environment. I’m joining in the despair of reworking my system that took almost a year stabilize into a functional and trusted security tool for my home and property.

2 Likes

I have also lost 2FA (not Wyze) in the past. In my case it was my one phone that had Google Authenticator unexpectedly and suddenly totally failed. There were three accounts using GA and two were a serious pain the backside to get reset (successfully), but the third was easy because it was a friend’s server, so I just had to call him. My solution is that I now have GA on both my phones and my tablet. That way if one phone dies, the data is somewhere else, and it’s easy to move the GA accounts to another device. I expect to be needing to do that shortly because I expect to be replacing my personal cellphone within the next couple weeks, and I’m supposed to get upgraded on my work phone shortly (employer is changing carriers)…

@AmoEGL Only an issue if the phone logs out. Then if your phone number is the SMS uses, and your wife needs to log back in, she only needs to be near you (or in contact if not close).
If you use one of the Authenticator apps rather than SMS, you can load the Authenticator app on both phone (at least you can on Google Authenticator).

Or they could just make it optional, and not mandatory, like pretty much every other company on the planet.

2 Likes

I am trying to gather answers for questions I have seen.

Email will be an option for 2FA but it is not available quite yet.

2FA will be required for both the app and Wyze.com website.

4 Likes

Any sense of how committed Wyze is to deploying 2FA as a uniform requirement (despite any mixed feedback they may receive as the go-date approaches?)