Nest, the Google-owned manufacturer of smart home products, is taking security matters into its own hands. Earlier in the month, the company sent out a vaguely worded emails that urged people to use better passwords, enable two-factor authentication (2FA), and to stay on the lookout for any hacking attempts. And now the company is proactively locking users out of their accounts if it believes that their devices have been compromised.
Simply put, Google knows that people are lazy. In response, it has dropped the standard response of notifying people of a breach of merely asking them to reset their password and instead is forcing them to react by locking them out of their devices.
Breach? What Breach?
The company started sending out those emails to users on February 14. Oddly enough, the company has remained rather cryptic on the reason why it has been sending them out at this moment and has refused to refused to confirm or deny whether this is due to a new password breach. Instead, the company simply affirmed its plans to use the new process as information is compromised.
People that have been locked out of the Nest accounts by Google automatically lose the ability to control their Nest apps and stop receiving notifications from their Nest devices. This means they won’t be notified if their Nest Security Camera detects an intruder or if their Nest Protect alarm detects smoke. The device alarm will still work though.
This behavior will clearly inconvenience users. But it seems that Google has reasoned that the inconvenience is minor in the grand schemes of things: users privacy being compromised. More often than not, people set passwords that are alarmingly simple and easy to guess. A great number of them still use one password for multiple services despite the clear dangers this habit poses. Simply urging people to be more vigilant clearly hasn’t worked. Google is trying something new.