I preordered the Wyze doorbell , am excited about it but looking at the video “how to setup your Wyze doorbell” it says the doorbell directly connects to WIFI rather than going through a gateway . My question is how is the password stored in the doorbell ? obviously it wont be plain text but how secure is it ? the doorbell is easily detachable and accessible to anyone .
If someone were to detach and take the doorbell , What preventive measures are in place so that the password to wifi is not compromised ?
If I am understanding your question correctly, the password is your Wyze account password, which is in your possession and on the Wyze server.
I don’t believe that there is any hard coded password on the physical Doorbell itself.
@tomp I think they were referring to the Wifi password. Can someone steal the doorbell and get at whatever memory device is inside the doorbell to get the Wifi password?
If that is the question, it’s one I don’t know the answer to. Very good question.
I would like to know that answer myself! I’ll tag in both the other @moderators and our @mavens and we’ll see if anybody has the answer.
Ring had a problem broadcasting the unencrypted WiFi pwd. That problem was fixed.
Most of the Linux based products do not use encryption on the config files. Example:
Hi there, this is Arthur, product manager of the Wyze Video Doorbell.
TL’DR: Don’t worry. It is secure.
Detailed answer:
WiFi information, along with all other config data, are stored on the doorbell and it could only be accessed physically (which means to remove the doorbell, tear it apart and plug the doorbell portal to a computer).
And then there is a SHA-512 encrypted password to safeguard the access, and it would technically require billions of years of brutal-force to crack it.
So it should be good.
Thank you @ArthurH for your reply . Could you please clarify something It is my understanding that SHA-512 is hash algorithm it is only used to compute hash( it is a one way algorithm and can not be decrypted back to clear text ) so I am not sure how it can be used to store wifi password as the door bell would need to decrypt a cypher to clear text to connect to wifi router .
There must be another KEY based algorithm you are using to encrypt the wifi password , if that is the case how secure is the encryption key and where do you store it ? and how do you protect the key ?
am still failing to see how this can be secure .
Maybe if the doorbell uses a GateWay that is inside the house to store the password the wifi password i can see this working but if the doorbell is encrypting the password it has to store the key somewhere and that somewhere needs to be protected.
Thank you
@ArthurH and @tomp
Respectfully, this answer raises more concerns imho. Please clarify how you use SHA-512 one way hashing algorithm to store WiFi passwords that are needed to be decrypted on the cameras to access the network.
