All Nest accounts will require extra sign-in security this spring

Jon Fingas
Associate Editor
Nicole Lee/Engadget

It's not just Ring committing to improving the security of its smart home systems in 2020. Google's Nest has announced that, as of this spring, it will require email-based two-factor authentication for everyone who hasn't previously enabled the feature or migrated to a Google account. This reduces the chances of someone hijacking your smart home setup, even for more ambitious intruders who might use SIM swapping to intercept SMS-based two-factor sign-ins.

Nest still recommends that users migrate to Google accounts if they want to stay secure, although there is a caveat: you can't currently link a Nest account if you have Google's Advanced Protection turned on. Google is fixing this, but doesn't have an estimate for when that solution will be ready.

It's not hard to see why the Nest team would bolster its safeguards. The vulnerability of smart home systems has been a sore point for years, and it's becoming more of an issue now that Nest and others have a host of connected alarms, cameras, doorbells and locks. An account takeover could compromise your privacy and even your physical safety. The additional hassle of two-factor sign-ins might be trivial compared to the fallout from a breach.