Arlo|Smart Home Security|Wireless HD Security Cameras

Mandatory Two-Step Authentication (Verification) a Bad Idea

Reply
Chris67
Luminary
Luminary

A reply to a topic you are following has been accepted as a solution!

Topic:

Mandatory Two-Step Authentication (Verification) a Bad Idea

Author:

ChrisKay (Follower)

Date:

2020-03-07 10:51 PM

 

I do not accept this as a solution. IT IS THE WHOLE PROBLEM

If you wish to shut down a topic for discussion please do not use trumped up solutions.

462 REPLIES 462
Nadigator
Guide
Guide

Verification code E-mail message has 2-minute expiration -- which is STUPID! Your system is too slow, it takes twice as long to receive it, when it already expired!  I did this 10 times today, unable to log in!!!

dcfox1
Master
Master

@Nadigator wrote:

Verification code E-mail message has 2-minute expiration -- which is STUPID! Your system is too slow, it takes twice as long to receive it, when it already expired!  I did this 10 times today, unable to log in!!!


Have you set up for push notification for 2FA on your Iphone to approve a PC.  It is almost instant and much simpler with no code.

Nadigator
Guide
Guide

Yes, but the problem was my phone upgrade, after which the device was no longer recognized by Arlo!

Mahlt
Initiate
Initiate

Arlo's two step autorization is a very bad idea. Now all integrations in other smarthome systems are cut off informations. 
Arlo Systems is currently worthless for several customers. 

Need to have a solution back for API users for example for Homey.

 

greystarnetwork
Tutor
Tutor

Agreed. I'm going to look at the Reolink cameras now and slowly phase out the 5 arlo's I have. No chance to turn off this 2FA is ridiculous. Give my subscription(s) to someone else.

BHägg
Tutor
Tutor
I've switched over to Reolink. The transition hasn't been perfect but I can see the cameras almost immediately & get bidirectional sound. Great for my needs with less (much less) bother
greystarnetwork
Tutor
Tutor

Glad to hear that, I've just put one on order from Amazon to play with this weekend and see how they are.

Mahlt
Initiate
Initiate

just cancelt ARLO services and install Eufy Cams. 
This also works with my Synology Disk Station very well. 

My Arlos will be available soon at EBAY

retiredat44
Tutor
Tutor

I am so sick of having it forced on me! have it as an option, and not force it to make people go through this that do not need it!

IshmaelB
Apprentice
Apprentice

Yesterday, on the SAME laptop and browser, I got the 2FA.  Yes, I marked it Trusted ALL three times.

This is ridiculous!!!  This is a SECURITY system.  Actually, it's just an expensive TOY.

They are NOT using the BROWSER fingerprints.  What, EXACTLY, are they using?  IP address?

IPs change when you are mobile, or if your home modem is reset for any reason.  They are LYING.

They need a way for us to OPT OUT PERMANENTLY if we so choose.

 

EOSJOE
Apprentice
Apprentice

Again yesterday we had someone come up the driveway at night and trip the camera. I grab the iPad from the coffee table and viola... it wants 2FA verification!!!!!!!!!!!!   Of course the phone is upstairs charging on the dresser. Events like THIS is why I spent money on the Arlo system!!!   It's like it can sense when there is a real-world security event so it can block your view with a 2FA re-re-re-re-re-re-re-re-authorization. Not everyone has their phone surgically attached to their hand!!

 

 

Jamesfiro
Guide
Guide

Company is shooting themselves in the foot. Before we get dangerously attacked by having to view and cannot because of this 2 step verification, we need to cut our losses and forget we ever had Arlo. I am thinking of anyone but and Ring is the top contender. $10/month aint so bad for one's security.

Daisymel
Tutor
Tutor

Is anyone from the company actually looking at these posts?  If so, please identify yourself.  I had the same situation as this poster, except I use the tablet for verification.  So I have to make sure it is surgically attached as well.   Two attempts at verifying the push notification -- Nothing!  Third time it finally worked.  Meanwhile, intruder could have busted down my door.   The police could get here faster than this system works.  This is all occurring on the same computer and same browser that I have been using since inception.  Insane!  I do not need this service, but I'm getting to the point that I do not need the aggravation that comes with these cameras and their system.

dcfox1
Master
Master

@Jamesfiro wrote:

I am thinking of anyone but and Ring is the top contender. $10/month aint so bad for one's security.


Hate to tell you but Ring has had mandatory  2FA for over  a year. I do agree it should be optional. 

Chris67
Luminary
Luminary

Definitely using IP address for trusted browser recognition. Whenever I use my VPN and then quit and go back to my normal connection I have to go through the 2FA again. Not a particularly "smart" way  to implement 2FA but what can you expect from Arlo.

StephenB
Guru Guru
Guru

@Chris67 wrote:

Whenever I use my VPN and then quit and go back to my normal connection I have to go through the 2FA again.


I've seen this sometimes, but not always.  Also, switching to a different network (with a different IP of course) doesn't always require redoing 2FA.  

 

I don't know what they are using (given my own symptoms it doesn't seem to be IP address), but I agree that IP address isn't a good thing to use.  Mac address could create some challenges too, especially if folks sometimes use a docking station.

dum1dum
Star
Star

what the problem whit system  late at night when the notification i get on my phone i got to put in a code again go to email the punch in the number to see what triggered the camara

 

i taught  i we had a choice to desable it  its back now i did desable   when poeple ask what camera secutiy i have i tell now to buy something else  i dont like beying a monkey that i have to put a code every time it get log on

 

i say its a trusted device that have to do it multiple times

 

ps put a got dam desable check in the sofeware make us read a 10 page to accept

FrancesHoward
Initiate
Initiate
How do I turn OFF 2 step verification. What a disaster. I have a 85 yr old mom and I use this to keep an eye. No I can't . My brother uses it to know when he can drop down to help her. Now he can't . STUPID TWO STEP. GET RID OF IT.
emiajeflow
Initiate
Initiate

Not only does it not work with my cell but it is supposed to last two weeks.  Using the same browser which is 3ft from my arlo router(in small caps cuz it sucks) I have to do a two step verification which is supposed to last 2 weeks and is lasting only a few days.  I tell everyone I can not to buy arlo because it SUCKS BIG TIME NOW.   I could have live with the two step if it would actually last two weeks but it won't.  Doesn't work with my cell because when i switch screens and go back it logs me out automatically.  Biggest waste of my money.  I did purchase a video doorbell that started with an r and really so much better no comparison.  arlo with little caps is ok if you don't care about your security.

birddog323
Tutor
Tutor

14 days for trusted browser is minimal.  Is that the best you can do?  Why not make that configurable?

Why am I having all the inconvenience because you are taking a lazy approach to security?

speedycamera
Star
Star

STOP THE 2 STEP HOW MANY TIMES DI I HAVE TO TRUST MY BROWSER ITS A WAST OF TIME OF IF IT GOES OFF AND I CANT SEE IMMEDIATELY IM GOING TO START A CLASS ACTION LAWSUIT AGAINST ARLO THIS IS RIDICULOUS  ARLO KNOCK IT OFF.I HAVE BEEN LOOKING AT DIFFERENT SYSTEMS THAT ARE WIFI IM WILLING TO PUT  IN POWER OUTLETS FOR THEN IT`S A LOT EASIER THAN YOUR CRAP.

 

birddog323
Tutor
Tutor

Please let me know any viable alternatives you may find to Arlo 2-Step Auth.   Sometimes I need to view urgently to check alarm or motion detector.  Adding extra steps is very stressful especially when it does not work.

birddog323
Tutor
Tutor

Thank you for your input.  Open to suggestions on which systems are on the market.

Chris67
Luminary
Luminary

Is anyone else not getting their 14 days of trusted browser when approved? I am experiencing this with increasing frustration. The number of days seem to vary for no reason that I can put my finger on. Yesterday I approved my trusted browser and today I am being asked to approve again.

IshmaelB
Apprentice
Apprentice

They are lying about it being the browser footprint.  It's also not the MAC address of the device.  If your IP address changes, e.g. while on a mobile hotspot, it prompts you.

I had a situation that I was alerted to by something other than Arlo and it prompted me to authenticate.  That takes a minute and a half. ABSURD for a SECURITY system.  This is a toy, not a serious system.  They also lied about sessions timing out requiring you to login.  It didn't used to be that way when I bought Arlo, back in NETGEAR days.  Arlo DOES NOT CARE about its customers.  If it did, they would listen.  When did you ever see a reply on this thread from them?  I didn't.  They happily send me sales pitches daily, though.

Hey, Arlo, how about you engage your customers and address this ridiculous issue.  Whose security are you worried about?   Not ours.