Interesting. Yesterday (Thurs) at 3:58 am MST I received a similar email from Wyze with the subject “New Device Login” and first line that read “A New Device Has Signed into Your Wyze Account”. Wasn’t me or anyone I know so I immediately changed my account password. Anyone else?
Do you have 2-factor authentication turned on? It may be a warning email from Wyze.
Weather you have it turned on or not, can you look at the email address that sent this email? There’s a smallpossibility It may not be Wyze. I don’t believe that you can use an email with 2FA.
I’d also suggest changing your password to your Wyze account.
I will check, but I think this is real email. Wyze cameras are not easily hacked and we are not aware of any outstanding hacks at this time. But your account can be compromised by a weak password. It can also be compromised even if you have a strong password that you have used in multiple places and one of those other places gets hacked. There are troves of hacked password/email combos available for sale on the dark net.
It his highly recommended that you use a strong and unique password for you account. It is also highly recommended that you enable 2 Factor Authentication.
Unless I’m missing something, the only way to connect/hack would be via the app, correct? I tried to connect to the base station and I couldn’t connect and I know the password.
I got the same email yesterday, I have 2FA turned on, the email was sent just a min or so after I opened the wyze app for the 1st time for the day. I suspect Wyze reset something on their end.
there was a post about this on the FB beta group, several others got the email too
Afirm thanks! @Loki looks like the new ai test program is involved, but I had also moved to the beta program a few days prior and pretty sure I used the app several times since then.
I feel that not having access to the base station to look at connected users or devices is a security flaw. 2 factor authentication does not solve this problem.
Curious about this. I’ve logged into the Wyze app from several different devices this year, have never had two-factor auth, and yet have also never received e-mail from Wyze about a new device login. Hmm. How is it supposed to work?
The WCO base station is protected by a strong random password. Someone would have to be within wifi range and be able to guess that password. Not likely. Also, even if someone hacked into the base station, that would not give them access to your non-WCO Wyze devices or information on the Wyze servers.
If it’s still WPA2 there are or were several attacks that shorten the time required. And brute forcing is still a thing. Not exactly a high value target for most people but still a potential risk. Maybe Wyze has already published security info, don’t know.