Smart Home Security Devices Fail Basic Password Practices
Just how “smart” are the new smart home security systems?
The smart Internet connected home security systems are meant to protect consumers from intruders but can they really do that when the top devices don’t require even the bare minimum for password protection that we expect for our email and other web services, according to a study done by HP.
HP went out and bought the top ten smart home monitoring devices, like video cameras, motion sensors, alarm systems and tested them to see how easy they were to hack. Jason Schmitt, the vice president and general manager of HP’s security products team helped in the study and was a bit surprised by the findings.
All ten of the devices had “significant vulnerabilities” in security of the device itself. Meaning the “security system” is not secure. The most basic of those security holes involved the poor password practices.
Some devices didn’t require strong passwords, while all ten of the products tested failed to lock the account after a certain number of failed password attempts. Your email account or FaceBook page requires stronger passwords than your home security system. HP declined to name the devices they used in their study.
“These are things that a lot of web companies have perfected, but when you move to a different (space) that doesn’t specialize in web security those practices just kind of drift away,” said Schmitt.