What's the Status of Two-Factor Authentication?

I work in the security field, and one of the first things I noticed was that I can log into https://mysecurity.eufylife.com with just my username and password and view my cameras. There’s nothing else preventing me from logging in. No second form of authentication, hell, I don’t even get an alert email, push notification, etc. of a new login. The only way I would know is if I manually open the eufyCam app on my phone and it tells me that I was logged in elsewhere. By the time that happens, it could be too late.

Two-Factor Authentication needs to be implemented and there’s really no excuse nowadays as there’s plenty of APIs that can integrate with authentication.

When does eufy plan on implementing this? This is an absolute must and should be a priority for a security camera.

13 Likes

Soon I hope

1 Like

I would also like 2FA.

2 Likes

Great idea and good suggestion @qnosjizmc !

But 2FA should be an OPTION then and not a compulsion, for those who don’t need 2FA.

1 Like

Hello!@qnosjizmc Thanks so much for your valuable feedback and sincerely apologize for all disappointment caused! Yes, your consideration is really to the point! The eufyCam system is for security purpose. It is necessary for us to strengthen login and authentication mechanism. We’ll forward your concern about Two-Factor Authentication to our engineer team and hope they can further consider its availability in the near future!

6 Likes

100% agreed! We should be able to secure our security products. Ring has 2 factor and that was the other product I was considering. Can be optional, but very important to have. Thanks for your consideration @AnkerSupport

2 Likes

This need to happen sooner then later. With all this camera hacking etc you need to make sure we have that option.

2 Likes

@AnkerSupport I too would love to hear from the engineer team on how difficult it is to implement two-factor. All the big names have it and I would love to see it implemented quickly. Thank you!

1 Like

In the absence of 2FA, in the meantime, some suggestions for users:

  • Check the integrity and complexity of your WiFi password, your Eufy password, and all other passwords at https://haveibeenpwned.com/ or at https://passwords.google.com/ or similar. Change them if they are weak.
  • Never use the same password more than one site. Change any duplicates.
  • Consider using a password manager to create and store and apply complex passwords for your apps and sites you visit. Bitwarden is my favorite.

These are great suggestions, but ultimately still result in single factor authentication. There are still ways to entice a user to disclose their password such as a sophisticated phishing attack. If a specific user is targeted, you can only assume that first factor of authentication will be compromised. 2FA should absolutely be an option for something as sensitive as security cameras.

The recent Ring camera hacking should be an eye-opener for Anker. I would hope at the very least that brute-force protection is implemented for web/app authentication.

I truly, truly hope that Anker is at least in the process of implementing 2FA. This post has been started in July and 5 months has passed without an update on this.

I promise you it’s only a matter of time until Eufy, Nest, Arlo, etc. are next in line, if it’s not happening already.

@AnkerSupport @AnkerTechnical

2 Likes

Agreed 100%

@AnkerSupport @AnkerTechnical How is this not already implemented? :face_with_monocle:

I’ve used Plivo for this exact use-case, https://www.plivo.com/docs/sms/guides/send-sms#code by far the cheapest, $0.0050/sms, pushing this to prod in one sprint is not rocket science :sweat_smile:

1 Like

Is there tentative ETA on when you will implement 2FA? Is there a beta/testing group I can join to assist in testing?

1 Like

Cameras without a 2-factor-authentication are a no-go.

For me it would also be ok if the cameras could be integrated directly into Homekit without an Eufy account.

Comparable to the Logitech Circle 2: as soon as the camera is integrated into Homekit, it is removed from the Logitech account and can only be accessed via Homekit.

1 Like

@AnkerSupport - What is the status for 2FA implementation? When are you planning on rolling it out? As was mentioned here, given the situation with Ring, I would think that this would be a top priority.

Please let us know. Thank you.

Same feeling here. Just got a Doorbell cam. Not interested in any additional products until I see 2FA implemented. This is a must. I love your Brands and preach about them to my friends…it’s 2020, 2FA is long overdue.

Hello,

I have seen a message that Ring has implemented two factor authentication by default and mandatory.

Eufy when do you plan to roll out a such feature? There are many data leaks everywhere and as eufy cams are accessible simple from the internet using the app or windows browser it is mandatory to offer the users two step authentication as soon as possible.

Why the support is not publishing any news about this important and sensitive topic?

2FA/MFA should be a “must have” with any camera solution. Please give this the priority is requires.

I also totally agree. Can I opt out of https://mysecurity.eufylife.com/ ? I don’t need to have my info or feeds displayed on this site. MFA for any off ‘my network’ access is absolutely required.

Thanks

1 Like

Bumping this up. Two Factor is simply a must. I don’t really care about it with just my doorbell, but I’m interested in switching to Eufy from Arlo, but this is a deal breaker.

1 Like