Google will force Nest owners to use two-factor authentication this spring

Ben Schoon | Feb 11 2020 - 8:10 am PT

Two-factor authentication is one of the best ways to keep yourself safe online, but many users don’t turn on the optional feature. Starting this spring, Google will require all Nest users to enable two-factor authentication.

In a blog post today — Safer Internet Day — Google announces a few changes for Nest users in regards to security. This includes enabling reCAPTCHA Enterprise to Nest accounts, something that’s already live and requires no changes from the user. This move protects accounts from automated attacks for those who haven’t migrated to Google accounts.

Perhaps the most important news from today’s announcement, though, is that Google is forcing two-factor authentication for Nest users.

If you haven’t migrated to a Google account, Nest will send an email when you log in from a new device. Via email, a two-factor authentication code will be delivered to allow logging into your Nest account.

Starting this spring, we’re requiring all Nest users who have not enrolled in this option or migrated to a Google account to take an extra step by verifying their identity via email. When a new login into your account is initiated, you’ll receive an email from account@nest.com with a six-digit verification code. That code will be used to make sure it’s you trying to login. Without it, you won’t be able to access your account.

Both of these new measures should greatly enhance the security of Nest accounts. Notably, much of this feels partially in response to some security concerns from last year with Nest and its competitor Ring which, while not directly Google’s fault, are being addressed here.

In the post, Google also leaves reminders of some other protections available to Nest users. That list includes login notifications that rolled out back in December.