5 quick tips for smart home security
by Oliver Haslam
From voice assistants to thermostats, smart home devices are on the rise. Like any Internet-connected device, they can become targets, but luckily there are some quick changes you can implement to keep your smart home secure.
The first thing you should do is give your Wi-Fi network a strong and unique password. Your router keeps people out of your home network, but if someone knows your Wi-Fi password, they have the keys to the kingdom. New routers arrive with unique passwords printed either on them or in their documentation. But they are long, cumbersome, and certainly not easy to remember. This often leads to people changing them to something they **can** remember, and that’s where security can take a nosedive. We recommend setting a strong, unique password (at least 20 characters) for your Wi-Fi network and saving it in a shared vault in [1Password Families](https://1password.com/families/), so everyone in your household can get it when they need it. While you’re digging around inside your router’s Wi-Fi settings, make sure it’s not configured to use the outdated Wired Equivalent Privacy (WEP) protocol. Switch to the more secure [Wi-Fi Protected Access II (WPA2)](https://blog.1password.com/how-to-stay-safe-on-public-wi-fi/) protocol if required. Finally, your router has a password of its very own and, by default, that password is trivially easy to guess. Currently, many devices ship with a username of “admin” and a password of “password” which is careless in the extreme ([and soon to be banned in California](https://blog.1password.com/california-password-law/)). All routers allow you to change the administrator password, so we suggest doing that as soon as possible. Again, make it strong – unique passwords of at least 20 characters are best here — and yes, save it in 1Password.
With the proliferation of voice assistants like Google Assistant, Amazon Alexa, and Apple’s Siri, it can be easy to forget that these smart devices are designed primarily for convenience, not security. They’re always listening by design, and even though dictating notes or having data easily recalled at a moment’s notice is great, sometimes it pays to take pause and wonder whether this really is the best place to store that information. If it’s something sensitive or plain old embarrassing, consider jotting it down in a secure note within 1Password instead of shouting it into the ether. Discussing something private? Maybe disable your smart speaker while you do it.
Some smart speakers can be used to buy things online, which is great for convenience. It also means that anyone can place orders, so if you have children in your home it may be worth weighing up the value of convenience against the potential for accidental purchases.
When Internet of Things (IoT) devices use default usernames and passwords, criminals can hijack them to perform Distributed Denial of Service (DDoS) attacks, like the ones that [took down Twitter and Spotify in 2016](https://www.bbc.co.uk/news/technology-37738823). This is why it's important to use unique passwords on every device, no matter how inconsequential it may seem. You can store all your smart home devices' passwords in 1Password, and even create a #smarthome tag so you can find them easily.
The majority of smart devices can be updated via an app on your phone or computer. Regular updates mean you’re not only getting the latest features, but also any security updates, too. No security update can help you if they aren’t installed, so enable automatic updates if possible and regularly check for updates yourself if not.
It’s unlikely that anyone is going to gain access to your banking information via your coffee maker, but as the number of IoT devices in use — and sharing information — grows to over 7 billion, smarter homes means we need to be smarter about security, too.