Here is the problem (or a problem). I have several cameras in my house to help keep an eye on my elderly mother and my home. My brother has his own WYZE account and I share cam access with him so he can keep an eye on her and the house when I am at work. For whatever reason, WYZE DOES NOT allow those with shared access cameras to view SD card playback. It is impossible for us to monitor the cams 24/7 so we need to be able to watch SD card playback at times. He needs to log into my account with the WYZE app to do so. Again, that is WYZE fault for not allowing shared cams to view SD card playback. How is he supposed to do this with 2FA?? Why not allow shared cams to view SD playback? If I āshareā cam access, I clearly want the person I shared it with to be able to actually watch playback. At least make it an option for the main account holder to be able to decide if they want to share playback features. I understand the people at WYZE are getting tired of being blamed because of lazy passwords or other site breaches, but that will always happen. Unfortunately, there will always be those unwilling to take responsibility for their own laziness. The rest of us who are responsible shouldnāt have to go to another product because of it.
I am NOT giving out my phone number, which doesnāt really make things any safer or more secure. All it does it make a HUGE pain in the ass out of trying to log in to an app. If theyāre that worried about security, work on making the app/cameras/accounts/network hard to break into. I just got kicked out of Instagram (for no reason, I donāt post. I mainly just followed people and liked their posts or commented on occasion) and even after entering an email code, they wanted my phone number to verify it was me. NO. I get enough spam texts, etc., as it is now I am NOT allowing any more access to my personal data to ANYONE. Figure out something better. This infuriates me.
I havenāt seen any email, but the same garbage notice popped up in the Wyze app when I went to use my Wyze scale this morning ā TOTALLY STUPID (unfortunately that doesnāt shock me with Wyze lately)
I suppose there are some people who think they want 2FA for their cameras ā thatās fine with me if Wyze wants to offer 2FA as an option ā but requiring everyone to use 2FA for everything is completely ridiculous.
Guess what, Wyse? I donāt think anyone is trying to hack my scale, and I wouldnāt really give a damn if they did!
If Wyse security is so sloppy that people are worried about random hackers getting into their cameras or other wyze toys, I doubt that 2FA will really help. I have yet to see any system where the half-assed send-a-code-to-your-phone ā2FAā is anything but a colossal p-i-t-a that accomplishes nothing to stop any serious hacker.
BOTTOM LINE for 2FA: option = fineā¦ requirement=GoodBye
No! I was just in the process of ordering 3 more cams while they were on sale and I went into the app to check my cam versions. I wanted to check to see how many I would need if I decide to replace all with v3. The announcement greeted me right away. I changed my mind and ordered none. Iāll wait until they allow the opt-out for sure. I donāt need security like that to see what my cats are up to.
I have been using 2FA for quite some time now. Since I already use the Google Authenticate App, for like 5 other 2FAs for work. I just added the Wyze to my current app. Works great, and only need to use 2FA is I happen to log out of the app. Thereās a lot of people complaining abut this, but itās a security measure, it covers Wyze but more so it covers you as the user. So those that want to complain. I am sure you would complain a LOT more if your account was compromised! Right?
Nope. Itās called having a choice and taking personal responsibility. Using 2FA only protects you from people cracking your credentials AND accessing your account. It does not protect you from hackers getting into and accessing all of your data off of Wyzeās server.
Right. Until something happened to your account and you complain that it did for not having 2FA.
Itās not a big deal, you only need to use it if you log out. I donāt understand why this is such a big deal. Most companies that have similar cameras to Wyze have already done the same thing. This is 2022, itās just how things go. Get used to it.
You honesty just donāt know what you are taking about. Iāve been in the industry for 22 years and work with security camera systems on a daily basis. 2FA/MFA has its own drawbacks and it has its place. An app like Wyze requiring it is not one of those places. I literally said in my reply that I wouldnāt complain.
The emails are being sent out in phases, so some may get them later rather than sooner.
There is also a response here from Dave Crosby, one of the Wyze Co-Founders that should be read;
The issue wasnāt so much that Wyze has poor security, it was more that customers have adamantly refused to utilize the security available to them and this has resulted in increased attacks on Wyze Customer Accounts.
And, Wyze listened to all the customer feedback.
Opt out option = yes
Email option = yes
Please take a moment to review the new 2FA FAQ:
Welcome to the User Community @mshomo!
The 2FA is less about making your cam streaming content secure and much more for the purpose of making your sensitive account information secure.
Wyze has listened and an opt out option will be available when the feature is implemented. Please see the FAQ just posted
The FAQ doesnāt actually say that. What it says is
Is 2FA really required, or can I opt-out?
Yes, 2FA will be required to set up all Wyze accounts. But there will be an option to opt-out in the future.
Rome wasnāt built in a day. This is still a quite fluid development.
The announcement that this requirement will be implemented soon (but not immediately) is less than 48 hours old. Have you been locked out of your account for lack of 2FA?
What I interpret is that it will be a default āonā requirement, when implemented, that will need to be set up but can then be turned off for those who actively choose to decline the added security.
It has been made clear both WILL be available when the change is implemented. Please allow them to have a Holiday Weekend before they move the mountain.
You act like this is a huge thing for them to implement. Itās already implementedā¦all they need to do is change the new policy that hasnāt even been put into motion yet. Itās literally one line of code that defines whether the feature is required or optional. And, it has not been made clear. The very article you linked says it will be required when this gets put into place but that there will be an option to opt-out in the future.
The optional use of 2FA is implemented.
The mandatory use of 2FA has not yet been implemented and may very well still be in the final coding development before implementation.
The Opt Out to the mandatory 2FA (that has yet to be implemented and may not even be done coding) has yet to be programmed as the intent to provide this was just announced yesterday. I would be confident in suggesting that it isnāt just a cut and paste open source code.
The Email 2FA option to the mandatory 2FA (that has yet to be implemented and may not even be done coding) has yet to be programmed as the intent to provide this was just announced yesterday. Againā¦ Not cut and paste.
You are seeking concrete answers to a fluid development issue. They donāt exist because none of this has yet to be implemented and all the timelines now have to be adjusted based on the modifications they are making in response to your user feedback.
If you have that one line of simple code to make this all work, submit it here and I am sure Wyze will be grateful for saving them the time and resources they are spending to make your account more secure while still responding to user preferences.
I got the email yesterday. I was going to post about it then, but forgot. I atually did get a popup of the 2FA on my phone when I opened the app sometime after getting the email. Since itāll be implemented soon I went ahead and did it because I couldnāt find where I could skip it . I put the code in after they sent it to me and all was ok. I havenāt had it pop up since, but Iām wondering if itāll pop up if I restart my phone.
None of my family members whom Iāve shared cmas with got the notices.
I take it you have no, or very little, programming experience? If you did you would understand that making a requirement optional in code is very basic. Switching over to email for the 2FA is also a pretty easy change since they already have email addresses for every account. You seem to be just blindly supporting them while acting like you know far more about how the back end works, or where they actually are in development, than you actually do.
I have been using 2FA for some time now. It does not bother you when you restart your phone. Only if you log out of the app before closing it and need to log back into the app.
Yet that he nothing to do with what Iām discussing. Some people protect their homes with security systems with no issues or hassles yet itās still not a requirement to live in one. Iāve lost a lot of data due to a company (Dropbox) who somehow managed to screw up my backup codes (none provided worked) and I lost EVERYTHING tied to that account. What makes you think Wyze is anymore responsible than Dropbox? Accidents happen and 2FA has no recourse if and when you lose access due to the terms that apply to using it.
I have very little modern coding experience as I havenāt kept up with the newest platforms since doing it in the 80ās and early 90ās when it was still in itās infancy.
I am actually just advocating for giving them the time to make it workā¦ specifically because I donāt know how complicated it is. And, given that you donāt have any knowledge of the custom coding that Wyze has implemented, I wouldnāt think you would be so confident in being an expert at what Wyze needs to do to integrate all of this into a successful working model. If it is that simple, post it.
What would the point be in me posting a snippet of code be? Their programmers know what needs to be done. I can guarantee you that, if they donāt implement opt-out from the start, then the reason they are doing this is to grab as many phone numbers as they can for their data mining partners. This isnāt rocket science and they already have 2FA. Making it mandatory for any amount of time only has mine purposeā¦getting more data from customers.