5 Simple Ways to Protect Your Smart Home From Being Hacked
Smart-home devices are capable of some serious sorcery—turning on your lights based on the daylight, tweaking the temperature in your home using weather trends, and even spotting package deliveries before UPS even rings a bell. However, when it comes to ensuring they’re protected from the reach of potential hackers, many smart devices still aren’t quite the set-it-and-forget-it gadgets many people assume them to be. Just as you may need to take steps to get the most from your smart devices, ensuring that your smart lights, thermostats, cameras, and the rest are protected against an attack requires a few minutes of extra effort (we promise it won’t hurt).
Before you go running off to fiddle with advanced settings, take a few minutes to follow these easy steps, all of which you can do quickly and easily, to properly secure your smart home.
Password-protect your Wi-Fi network
Why it’s smart: Your home network has one password that lets you access the settings for your Wi-Fi router (the device that controls your home’s internet network) and one password that lets you join the Wi-Fi network. Many routers come with default passwords for both of those and usually have them plastered on the side or bottom to make it handy for setup. Always change these default passwords to new ones that are impossible for someone to guess; that is the absolute minimum step you can take to protect your network. Doing so ensures that the many lists of compromised passwords that get passed around among hackers don’t include yours (or that your neighbor won’t glom off your Wi-Fi network and potentially have access to your security-camera feeds).
How to do it: Most modern routers or modems prompt you to create your own logins when you first set up your new network. If you haven’t done that already, do it as soon as possible. Be sure to use passwords that are at least eight characters, hard to crack (not a real word, so not your childhood-street-pets-porn-name), and unique (not used elsewhere). Your router and Wi-Fi network should have two separate passwords.
If you’re worried about how to create strong passwords that you’ll be able to remember, we strongly recommend investing in a low-cost service called a password manager. Both iOS and Android devices have one built-in, but our top pick is 1Password, which invents strong, random passwords and securely stores them (as well as loads of other critical digital info, if you want) but also keeps them easily accessible across all your devices so you only ever have to remember one password to unlock all your others.
Virtually segregate your smart devices
Why it’s smart: Many home internet routers allow you to sprout a second (guest) Wi-Fi network, which is safely walled off from your main Wi-Fi network. You can use that secondary network as a place to quarantine all of your smart gear so that it lives completely separate from your various computing devices. This way, in the rare chance someone unwanted gains access to your smart devices, the personal data on your laptop, tablet, and so on will remain isolated and safe.
How to do it: To create a new network using your home router, you need to log into your router’s settings through a web browser or an app, if you have one. There you’ll typically find an option to create a guest network. (Make sure it’s password protected!) Another option is to put all of your smart-home devices on a mesh network. We currently recommend models from Asus and Eero—Eero in particular also allows you to enable Apple HomeKit support so that HomeKit-enabled devices are automatically shielded from unauthorized users and Wi-Fi devices on the network.
Create unique logins for all your smart devices
Why it’s smart: Using a unique login password for each smart device ensures that if one password is compromised, you don’t have to worry that your entire smart home will be compromised too. If you’ve integrated your smart home with a comprehensive smart platform (such as Apple HomeKit), you may be able to set up and control most devices in a single app. All other smart-home devices require their own app, and most of those apps require a distinct username and password. (And even though not all devices require password protection, we prefer having it whenever possible.)
How to do it: Create a unique password for each device during the setup phase. If you’re currently duplicating passwords, you can also change them now in your device’s app under the Settings menu. Again, a password manager is the best option—both iOS and Android devices have free ones built in—because it stores all your password combinations for any site or app you use, it can create unique and complex ones automatically that you never have to remember, and it can be set to share them instantly to all your other devices like computers and tablets, so you never risk being locked out accidentally.
Enable 2FA (if possible)
Why it’s smart: Two-factor authentication (2FA) is a system that requires you to confirm your identity before being allowed to access a device. When you attempt to log in to a 2FA-enabled smart device’s app, a special verification code is sent to your phone number (or email address) that you then need to enter into the app before you’re allowed access. That way, even if someone steals your email address and password, they can’t just take control of your devices. Not everything uses this system, but we look for 2FA-enabled devices in our reviews.
How to do it: If 2FA is offered, you can typically enable it under Settings in the accompanying app. If using 2FA isn’t an option, that doesn’t necessarily imply a smart device shouldn’t be used. However, if the device has a critical security or privacy function, such as a security camera, we strongly recommend picking a model that supports 2FA.
Why it’s smart: Like computers and smartphone apps, smart devices tend to get periodic updates, which is a good thing. Updates offer new capabilities or may fix issues with old ones, and more importantly, they may address potentially critical security issues. So enabling your smartphone to auto-install app updates and your other devices to auto-install firmware updates, when possible, just makes sense. There are two types of updates: Software updates handle the apps you use to control a device, and smart devices may get updates to their firmware (the deeper-level code that makes a device actually function).
How to do it: For Android and iOS smartphone apps, simply go to your device’s settings and enable automatic downloads for apps so whenever a device maker publishes an update, your device will grab it and install it automatically. For firmware updates to your smart-home devices, the process is more varied. Some devices are able to update automatically, which you can enable in the settings of its companion app. Others may require you to manually trigger the update—typically you see a badge or icon in the app signaling an update is required.
This article was edited by Jon Chase and Grant Clauser.
1. Lance Whitney, How to Access and Change Your Wi-Fi Router’s Settings, PCMag, July 3, 2022