How do these attacks happen? Typically, the intruder doesn't target the smart home technology company. He targets the homeowner's account instead, taking advantage of a security lapse—a weak or compromised password, for example—to log in to their account or mobile app.
The good news is that you can protect your account from an intruder by taking some simple measures. Alarm.com offers several smart safeguards for you to employ, and your service provider is always on hand to offer help and expertise.
Here's how to take action and keep your Alarm.com account better protected.
- Avoid the obvious. Dogs are for home security, not password security. Don't use your pet's name, or favorite team, or anything else that's easy to guess. Pick a password or phrase that's memorable—but only to you.
- Make it unique. Add capital letters, numbers and symbols to make your password harder to crack.
- KEEP it unique. Don't use your Alarm.com password anywhere else. Using the same password across multiple sites means that a single data breach—anywhere—will compromise all of your accounts. For safety, always keep a separate password for Alarm.com.
Does your current password measure up? Log in to Alarm.com, or go to the Login Information tab in your Alarm.com app, and change it now. We'll wait!
Two-Factor Authentication is an optional Alarm.com feature which adds a second step to the login process. It makes it much harder for an intruder to access your account, even if they've guessed or acquired your password.
Once you enable Two-Factor Authentication, Alarm.com sends a one-time code to your phone via SMS whenever you or anyone else logs into your account. This code is required to complete the login, meaning that only a person with access to your messages can log into your account.
Two Factor Authentication is available in the United States and Canada. Here's a quick video on how to set it up.
When you give a new user access to your account, always give them their own login. It's easy to do from your web dashboard (go to Users, then select Manage Logins). There's no extra charge, and you can control exactly what each user can see and do within your account.
We provide a range of pre-set user permission levels, from "Read Only" to "Full Control," to make this part easy—or you can customize each user's permissions if you prefer.
Let's say you hire a dog-walker to visit your house on weekdays. A numerical User Code lets them unlock the door and disarm your alarm. You can restrict the code to work on weekdays only, and have it expire on a given date. You can even get an alert or video clip when they use it.
As any security expert will tell you: give people the access they need, and no more. In most cases, a User Code will take care of it.
To receive an alert when someone accesses your account, or tries to, set up a Successful Login or Unsuccessful Login notification. If you receive either alert unexpectedly, you'll know to investigate and take action if necessary—see item #6 below.
You'll find these notifications in the System Event category of your notification options.
Please note: Unsuccessful Login alerts can be triggered when other Alarm.com users mistype a username that's similar to your own. To reduce the likelihood of this happening, ensure that your username is distinctive and different. You'll find it in the Login Information tab of your Alarm.com app.
- Log into your Alarm.com Web Dashboard and go to Settings.
- Go to the Devices tab, then select Lost Device.
- Submit a "Disable Automatic Login" command to log every user out of your account and prevent any device from logging back in automatically.
- Change your password immediately.