Arlo|Smart Home Security|Wireless HD Security Cameras

Lack of support for 2FA other than email and SMS. Support for OTP authentication apps and devices.

Why does Arlo only allow text message based 2FA? Why can't we use a proper authenticator app like Google Authenticator?

Comments
guice
Guide

How will 2 Factor work with automated systems? I have an automated system at home (with its own account) that logs into Arlo to track my devices. Enforced 2 Factor Auth is going to run into problems. I don't see any option for OAuth keys or device codes. How will I be able to continue to log in and monitor my system after 2FA is enforced?

jguerdat
Guru

I have the same issue but for a different reason. Until devices other than phones can be identified as authenticated devices, there's no workaround. Maybe something will be fixed prior to enforcement but don't hold your breath.

RSGOSS
Novice

I want to add to this thread. SMS is a poor choice for 2FA and is not considered a good security practice. Please add support for authentication apps such as Google Authenticator or 2FA keys like YubiKeys. A very quick Google search on SMS as 2FA will give you a wealth of information on why it is a bad idea.

ChadSmith
Star

I agree. I just received the email about the forced 2FA, but I do not see any option for either TOTP or even better using a security key.

ChadSmith
Star

To add to my previous post, I can't believe Arlo believes (as noted in this post) that the current methods are the "most secure". That couldn't be further from the truth.

TOTP apps and Security Keys are certainly more secure.

X181
Fledgling

Arlo is very unprofessional. One thing is the bad idea of 2FA per SMS, but now the deadline for activation has suddenly changed from the end of the year to 30 September 2020.

d0lphin
Apprentice

As with others in this stream, I also am very unhappy with this two step procedure. Had I known this was going to be required I would never have purchased this system. If you cannot provide an opt out for this then please tell me how to return the system and refund my $600. I'm not even happy that if the internet goes down I don't have the use of my cameras. How is that security? I expected a system that was self-contained. 

bmwdriver7175
Apprentice

Since I and I'm sure others use a third party authenticator like Google Authenticator, why not make that available to us?

Aristos
Aspirant

Please follow what other applications and web applications do with two-factor authentication.

Now each time I go to the web, it asks for authentication, and even if I am logged out, it asks again. You must somehow connect the browser with a trust, and ask for the two-factor authentication only once a year.

Alternatively, you can use the Google app, together with the trusted machine:

https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en&gl=US

The way you have made it work now is just a nightmare.