[grahamperich]

I'm trying to figure out exactly how these ring hacks are happening. My whole family and extended family is concerned about them. So just to be clear, there isn't a known vuln with Ring specifically, right? It's just that people's email/passwords are getting popped somewhere else on the internet, and then because of password reuse their Ring account is also compromised? Is that the gist of it?

[fenwick67]

Correct, there are no actual vulnerabilities in the hardware or whatever. It's that people are re-using passwords, getting phished etc.

But... based on the number of people I've seen had their Facebook account "hacked", there are going to be lots and lots of potential victims here. Enable 2fa, use a unique password for this account, and this will never happen to you.

[jmuguy]

Thats it. And as messed up as it is maybe people will finally wake up to using better passwords. I'm really tired of local news covering this stuff and barely mentioning or not mentioning at all how the "hackers" are getting into the accounts.

[baroffoos]

Like they woke up after the first decade of facebook "hacks". Or more likely they will continue on as normal until we stop using passwords as the only source of authentication.

[angry-sw-dev]

Something you know. Something you have.

The typical two factor is a password (know) and SMS to a cellphone or code to an email (have).

...though that creates a vulnerability when the cell number can be ported, or the same password is used to access email... better to use authenticator apps or a physical "key".