Everyone wants their smart home devices to remain secure and make sure no hackers can get access to it. But not everyone is tech savvy enough to really be aware or know best practices, and that’s okay.

Why is it important?

One vulnerable smart device can lead to bigger problems. If your smart plug connected to your toaster is comprismised, that’s not a big deal right? But what if your alarm system or security cameras are hacked? Hackers can potentially gain access to your home or video footage.

I have been working in IT for many years now and security has always been an important priority. It’s also really interesting to me so sometimes I nerd out. Come along with me as I show you 11 different ways any beginner can improve their smart home security.

1. Delete what Alexa and Google Home Are Recording

Hold up, they’re recording what you say? Yup. Google is always recording what you say, and Amazon stores what you tell Alexa for up to 6 months, then they delete it.

That’s insane right?! Well, their reasoning is they need it to learn and improve their voice assistants. Is it worth it to you?

This may come to a surprise to the normal person, but privacy in 2019 is pretty much non-existent. If our data gets leaked, then we’re screwed.

Why is My Data Important?

You might think, well I don’t really care if my data is leaked. I don’t care if someone knows that I ordered socks through Amazon Echo. I don’t care if someone knows what I’m telling to Google Assistant.

But what if they find out the credit card information you used to purchase it? Or what if they find out your Google information like where you live, where you work, how long your commute is, or when you’re usually home?

You’ll want to make sure that you are letting Amazon and Google keep the minimum amount of YOUR data as possible.

How to Delete All Your Amazon Alexa Recordings:

Here are the quick steps to delete your voice recordings that Amazon has on your Alexa devices:

  1. Login to Amazon on a computer
  2. Click the ‘Account & Lists’ dropdown
  3. Click on ‘Your Content and Devices’ to get to the ‘Manage Your Content and Devices’ page
  4. Click on ‘Your Devices’ where you’ll see all your Alexa devices show up
  5. Click on the icon with ellipses to the left of your Amazon devices to show a dialog box that will pop up
  6. Click on ‘Manage Voice Recordings’
  7. Amazon will show a pop-up explaining why they record and store our data and how they use it to improve their AI
  8. Click ‘Delete’ to delete all voice recordings associated to that device

Pretty simple right? If you’re still struggling on how to do it, here is a helpful video that goes over it in under 5 minutes!

How to Delete Your Google Assistant Recordings

Here are the steps to delete your recordings that Google stores on your Google Assistant devices:

  1. Login to your Google account (associated with your Google devices) at www.myaccount.google.com
  2. Click on ‘Data & Personalization’
  3. Then Click on ‘Voice & Audio Activity’
  4. Click on ‘Manage Activity’
  5. You’ll see the Voice & Audio Activity section, Click on ‘Change Settings’
  6. You’ll see Voice & Audio Activity Slider, Click on it to slide off
  7. Google will warn you that you won’t get as great of a response because they use it to learn from our data (Their pitch to convince you not to do it)

Not too bad right? Now, deleting your voice data will not prevent you from using your google assistant devices. They will still work.

You’ll notice from this page you can really see everything Google is recording, it’s pretty eye-opening once you look at it. Everything you’ve been searching in Chrome, YouTube, Maps, etc.

Take control of what you allow Google to store and minimize the potential data that could be leaked or compromised.

Here is a short video if you are still trying to figure out how to do it:

2. Make Your WiFi Passwords Tough

It is 2019 folks. You cannot use passwords like ‘password123’. Many companies have tried to reinforce how important it is to have a secure password by requiring special characters and lengthy character requirements.

Make your passwords strong by making them long, include special characters, upper/lower case, and numbers.

This is a good habit to pick up for all your passwords you create for your smart home devices and apps, or any password in general.

How to Remember Your Difficult Passwords

One good piece of advice to make sure you remember that complicated password is by using a word or phrase as a password that’s easy to remember. Then include special characters within that phrase to still spell it out.

  • Bad Example – Instead of using a password like: “Ilovecars1!”
  • Good Example – Try using a password like this: “I10v3car$!”

Notice how the bad example still has the “requirements” of a strong password but is still too easy for a hacker to guess. The good example would be much more difficult for someone to guess that password.

You are still spelling out the phrase but now your password is extremely strong. Notice how I still left the word “car” all lowercased so I would know that when I’m typing “car” out, it’s all the same lowercased.

“I10v3car$!”

The only actual letters I use in this password are “I” and “car“. The rest are numbers or special characters. If I just remember that, that it tells me the rest of the characters are numbers or special characters!

3. Keep All Your Software, Firmware, and Apps Updated

This seems like an easy thing to remember, but many people tend to forget to check on making sure everything is up to date.

Make sure your smart device’s software is updated. Check your smart home apps to make sure there isn’t a newer version out there. If there is, get it!

If the Amazon app has a fault in their code, they will go in and fix it on their newest app update. But if you aren’t updating your apps on your smartphone frequently, then you’re leaving yourself exposed.

Companies will often include security improvements in their code and if you don’t have the luxury to have it automatically update, you may be exposed to a security threat.

Updates often bring the latest features.

Want that new Philips Hue feature in their app? You’re going to need to update it. Getting your smart devices latest features will require you to keep your apps up to date too. It’s a win-win situation.

4. Change Your WiFi Name (SSID)

Whoa, did I lose you already? Don’t freak out, it’s actually really simple.

SSID stands for Service Set IDentifier. It’s pretty much your WiFi name, and that’s all you need to know about SSID.

Why do you need to change your WiFi name? If you leave your WiFi name as the default name, it gives potential hackers information about who your internet provider is and what type of router you have. This can make you an easier target for them.

Here’s a few examples of default WiFi names that your neighbors could have:

  • ATT-5335-5GHz
  • MySpectrumWiFi-6647-2.4GHz
  • Verizon-5493-WiFi-5GHz

It’s pretty obvious what internet providers your neighbor has right? And it’s not hard to figure out the most common routers for each company.

Changing your WiFi name makes it harder for hackers to identify which kind of router you have but it also lets them know “Hey, this person has changed their WiFi name. They could probably have some other security features or network protections.“. This could easily deter them to not target you and pick on an easier target.

How Do You Change Your Wifi Name?

The simplest way to figure out how to change your WiFi name is to enter it into Google or YouTube. There are a ton of helpful videos made by your internet provider or other people that get straight to the point.

Enter this into your search engine/YouTube:

How To Change WiFi name for [internet provider]

That should give you the step by step instructions on how to do it. I prefer watching videos, it’s more helpful to me. Since I have AT&T, I would enter this into YouTube:

How To Change WiFi Name for ATT

This is the Video I would see in my search results:

If you’re more of a reader, you can just enter it in google and you’ll find something like this: AT&T’s instructions on how to do it.

For me, I have AT&T, so I have to enter “http://192.168.1.254” into my browser and enter my login info to change my settings. ATT calls this your “Gateway”. Essentially, it’s changing your internet settings.

In order to login, you’ll need this information below which is usually on a sticker on your router.

  • SSID name (WiFi name)
  • WiFi Password
  • Device Access Code

Your provider might be different like Xfinity, Cox, Spectrum, etc.

Still having trouble following the steps? Just reach out to your internet providers tech support department, they’ll be sure to help you change these settings.

5. Enable Network Encryption

The most common encryption on wireless networks is the WEP, WPA, WPA2. I won’t dive too much into this but just know, the WPA2 is the best. Make sure your network isn’t using old school encryption.

Most big name internet providers will already have WPA2 enabled so you shouldn’t need to worry about. Just try the steps above to login and you should see it on your homepage what your encryption setting is.

6. Change All Default Passwords

Changing all your default passwords is good security practice to have. This doesn’t only apply to your smart home devices, but all your accounts where you have login information.

Default passwords are normally weak, easy to guess, and make it another vulnerability for you to have. Protect yourself and change all your default passwords.

7. Put Your Smart Devices on Another WiFi Network

Putting your smart devices on another WiFi network is a smart move because if your smart devices become vulnerable and hacked, they can only get to the devices connected to your guest network.

Getting your Guest WiFi network is easy. Remember in our example on AT&T where we used the “Gateway” to change our internet settings? This is where you’ll need to go to again. Remember, each internet provider is different so just use google or youtube to figure out how to edit those settings.

Putting your smart devices on separate networks will help protect you and your main devices on your main WiFi network.

8.Enable 2-Factor Authentication

What is 2-Factor authentication and why is it important?

Have you ever logged into your Facebook or Google account from a different device, and it’ll ask you to verify your identity by receiving a call, email, or text?

That’s 2-factor authentication (also known as 2FA). It’s a way to confirm the users identity by using a combination of factors to verify them.

Enable 2FA on ALL your accounts/usernames for everything. It may be a little annoying to take an extra 10-30 seconds to login, but it’s worth it.

This is another layer of security you can add to all your devices and accounts. If someone somehow gets access to your Amazon account by attaining your username and password, then you can be in big trouble. You don’t want them ordering thousands of dollars worth of products right?

But, if you have 2 factor authentication enabled, it’ll need them to verify their identity by getting a code sent to your email or phone. This will prevent them from logging in and causing mayhem.

9. Research the Brand of the Smart Device, Buy Big Name Brands

I’m all for saving money, and sometimes it’s okay to go with the cheaper alternative. But Smart Devices is where you have to caution yourself because you can end up with a real cruddy product.

Example: Have you ever heard of the video doorbell Lenyes? Probably not. Have you ever heard of the doorbell Ring though? You probably have.

Lenyes has a doorbell I would not recommend but it’s less than $50 compared to Rings more expensive (but reliable) doorbell.

Make sure that you research the company or brand of the device you are planning to purchase. Don’t buy it just because it’s cheaper. You want to pay attention to a few things about the company:

  • Is it a new company?
  • Are there any news on this company? (Check Google News etc.)
  • How long will they be around?
  • Do they have a good reputation?

What if your smart device has a weakness in their software and it’s easily hacked. If that company goes out of business, there’s going to be no one to update the software or firmware to protect it.

A quick google search of Lenyes in google news leads me to an article where Lenyes, a giant chinese company is still selling terrible security tech devices. Do your homework folks, it could save you headaches in the future!

10. Use a Password Manager

My last piece of advice is to use a good password manager. These are services (usually free), where they store and encrypt all of your passwords from one place. All you have to do is remember 1 single password and the PW manager will do the rest.

A password manager helps in generating and retrieving complex passwords, potentially saving such passwords in a safe encrypted database or calculating them on the spot

My favorite is Last Pass. They are awesome and even generate crazy strong looking passwords and store it for me. All I have to do is remember the original password and that’s all I need. Last Pass does the rest of the work.

11. Buy Brand New if Possible

I’m all for getting products used if it’s cheaper. But there is also a security threat to buying these devices used.

What people can do is modify the firmware or software on the smart device to track all the data being passed through it. Then they’ll sell it to you and now you’re a target.

This is rare and not many people know how to do this. Just use common sense and if you are buying a second hand used smart device, try buying from someone you know, a family or friend first. Then go look for online sources if you need to.

If you’re buying from someone on Facebook marketplace for example, trying checking out their profile. If they just made the profile today or in the last month, that’s kind of fishy. If they have been a member of Facebook for 15 years and has 500 friends+, that’s probably a good sign.

Just use common sense when buying used smart devices and you should be okay.

Summary

I hope this list of 11 ways to secure your smart devices helped. I know a few of them can apply to different parts of your life outside of smart homes, but I think that’s a good thing.

It’s always best to prepare for the worst things to happen. Waiting until it’s too late or thinking “That’ll never happen to me” is exactly what the guy who got scammed has said before.