sb-au logo
Story image

Google to demand two-factor authentication across Nest accounts

12 May 2020

Google is cracking down on authentication protocols for its popular line of connected devices, Google Nest.

Google will soon require users without two-factor authentication enabled - and users with a Nest account that is unconnected to a Google account - to undergo mandatory two-factor authentication when they log into their Nest account.

Google’s parent company Alphabet took over the Nest brand back in 2014 but always operated as its own separate company. In 2019, Google announced that Nest, and Google Home would merge to become Google Nest.

Nest products include indoor cameras, Chromecasts, smoke alarms, Nest Hub, smart speakers, and many others.

Now users who formally have Nest accounts will be migrated to a Google account. Users will be required to authenticate themselves via email when logging into their Nest accounts.

“When a new login is initiated —for example, from a new device— you’ll receive an email from with a six digit verification code to be entered in order to successfully sign in. This code is to verify it is you trying to access your account and without this code, you will not be able to log in,” writes Google.

Two factor authentication is important to reduce the risk of someone else accessing a user’s Nest account, even if that someone else has the credentials like a Nest username and password.

The move has attracted attention from the likes of cybersecurity firms such as ESET.

ESET cybersecurity specialist Jake Moore says, “Two factor authentication is not a very difficult layer of security to set up, but humans are the masters of procrastination, so a little enforcement can go a long way. The majority of people do not use two factor authentication, or for that matter password managers either, so when Google start to lay down some ground rules, those who are not familiar with it are soon confronted with a lesson in cybersecurity if they want their device to continue to work.

He says that once Google sets out strong authentication rules, it’s likely that other developers will follow suit. 

“This would be a good time to make sure that Nest users have access to the original email that they set up their accounts with to reduce any possible mishaps in adding this extra protection.”

Google suggests that users:

  • Enable 2 factor authentication in the Nest app using their phone number
  • Use a strong and unique password 
  • Consider migrating to a Google Account.
Story image
Why answering the question of orchestration vs automation will improve your security effectiveness
Organisations are looking to improve their security operations effectiveness, efficiency, and staff satisfaction, with security, orchestration, automation and response (SOAR) fast becoming a trending approach. More
Story image
Three common pitfalls to avoid as pandemic accelerates Australian cloud adoption 
Outlining three of the key risks involved with cloud computing, as well as strategies for how to mitigate against them.     More
Story image
WhiteHawk lands 'milestone' $5.9 million cybersecurity contract
The annual Software as a Service (SaaS) contract is a milestone contract with a Tier 1 client – a key US federal government department. More
Download image
451 Research: The new shape of the enterprise network
In this new world, distance has become the silent digital business killer. Latency looms large, especially for high-performance edge applications, IoT and 5G use cases. More
Link image
Driving cloud cost efficiency with performance monitoring
Cloud infrastructure sprawl sneaks up on organisations through a series of individual decisions that in aggregate become inefficient. Thomas Dittmer shares how performance monitoring helped TravelSupermarket reduce cloud costs by 50%More
Story image
Cloud breaches set to increase in velocity and scale - Accurics
“While the adoption of cloud native infrastructure such as containers, serverless, and servicemesh is fuelling innovation, misconfigurations are becoming commonplace and creating serious risk exposure for organisations."More