[mikevp]

That's why all my passwords (including my Ring password) look like this:

c3Ve*w^ZHKmq1SQK&gGVQCezROLgZy

Individually generated, unique for every site I log into.

[spydum]

This doesn't help if your machine gets infected with malware. They can steal that password and you'd never know - which is the point: unusual account activity should alert the user.

[syntheticcorp]

If an attacker compromises your machine and steals your password they can also just route their traffic through it, meaning the IP would match the regular one seen by the Ring servers

[spydum]

Yes they can, but what we often see is accounts sold off to others. They don't give away their infected machine. They just harvest credentials.