Arlo|Smart Home Security|Wireless HD Security Cameras
Arlo Community

Reply
ChrisKay
Follower
Follower
‎2020-03-07 06:51 AM

Making this mandatory is an exceedingly bad idea since it will slow down authentication and when it breaks—and it occasionally will—it will prevent access completely.  At least give the end-user the option of deciding how much protection to require for the account.

Message 1 of 610
159,483
609 REPLIES 609
t0mmel
Initiate
Initiate
‎2020-11-07 12:20 AM

Absolutely agree. Two-factor authentication is *not* a better security solution, it's just a variation, and it does not suit everyone, and so it should not be mandatory. You are putting all your eggs in the 2fa system working always, and saying that it's more important to have 2fa, than it is to ensure that users can always login. That is up to the users to decide. I prefer having a password manager with very high entropy passwords, instead of using 2fa. That is my choice. Not arlos.

 

I can ensure you that I am finished with anything that has to do with Arlo if this becomes mandatory.

Message 426 of 610
6,059
Gene2916
Star
Star
‎2020-11-07 04:20 AM

I have been switching my 6 Arlo cams to Ring and everything is great for me! My opinion is that is Ring is everything Arlo use to be and more!

0 Likes
Message 427 of 610
6,051
MikeBravo
Luminary
Luminary
‎2020-11-07 06:02 AM
oillogger 
 

 

Apprentice
‎2020-11-06 11:30 AM
 

I have 2FA turned on and it requires a SMS code.  When I logged into my Arlo account I also notice all recording and last camera image was missing.    I did a live view on one of my cameras and afterwards the last image was present for that camera.  It appears Arlo may have been working on the server and did some sort of reset.  Let's hope it was because they were working on our 2FA issues.

 

You might be right. Just yesterday we noticed that several of our cameras had a last image that was a few days old. When we tried to go live wth them, they wouldn't connect, they were dead.

 

After a dreaded reboot of our base station (often this makes it worse and requires several reboots to get ALL the cameras up at the same time) the last camera images caught up (so they must have been still working, just unresonsive to us) and then we could connect.

 

So, if that's what they are doing, fooling around trying to get 2FA to work properly, would it kill them to sent out a blast E-Mail and clue is in?

Arlo, hello?

Message 428 of 610
6,052
Dave115
Tutor
Tutor
‎2020-11-07 10:33 AM

2FA is a great idea. Lots of companies use it, some are optional that I have used in the past but can't remember which ones.  The web sites I have used authorizes either my PC or phone depending on which one I am using at the time.  Arlo wants to make your PC a pain to use so you will stick with your phone.  That seems to be working on me!  I'll grab my mouse and think about logging in on the PC then quit because of 2FA so I grab my phone and look at my cameras.  How hard is it to authorize a PC everybody does it.  Come on Arlo give us some answers.

Message 429 of 610
6,038
oNeRf
Guide
Guide
‎2020-11-08 12:44 PM

My Arlo no longer records video on motion or sound dection. I go to this community to find I'm required to setup 2FA. Why? My account is anonymous an I use VPN  to protect my personal privacy. Is Arlo cooperating with the Fed's to spy on my personal matters at home by obtaining my telephone number? Only I should tell myself whether I should turn on 2FA, not Arlo. Either I record video locally from now on or I sell this intrusive junk and buy a different product.

Message 430 of 610
6,024
LandJS
Mentor
Mentor
‎2020-11-09 01:16 PM

I found that it did recognize my computer, for about two days and then it all went **bleep** up and I do not believe for a min that my pc is more unsafe than my phone, that's BS, your phone is just another computer.  Also what if you gave a family member access are they forced to only use a phone or wait for you to call them with the code ?  The pc does use e-mail as an alternate and it does work but how often does a e-mail go right through ?  This is a security system not a after the fact source.  My phone is already set for fingerprint to access Arlo so unless someone steals my thumb it's as secure as I want it.

Message 431 of 610
6,001
Anti-Two-Step-V
Initiate
Initiate
‎2020-11-10 12:24 AM

Yes, this happens to me as well. Fortunately I live in New Zealand and I can pack up the system and take it back to the shop for a refund under our consumer guarantee laws. Can you imagine how frustrating it is accessing Arlo with THREE different devices? I was going to put Arlo around my house in Wellington - but I won't be now unless they FIX this issue - it is bad enough with one Arlo account with two step... what will it be like with two accounts on my phones and computers?

.... By the time I find my phone... the window is broken and the TV is gone. Pathetic.

Message 432 of 610
5,989
t0mmel
Initiate
Initiate
‎2020-11-10 12:53 AM

As mentioned by others, it is a change in the fundamental usage of the system to require 2FA to login. That means that I under danish law will be open to requiring a refund of the product.

 

If this decision to implement and require 2FA, in either Push notification or SMS is forced upon users, making it mandatory, then I will be applying for a full refund of the camera system, claiming under danish consumer protection law, that the products functionality has changed in a way that degrades the usage of the original product.

 

Reverse the decision to make this authentication a mandatory requirement, or the consumers will require refunds of the products.

Message 433 of 610
5,988
ChadSmith
Star
Star
‎2020-11-10 01:03 AM

Australian Consumer guarantees are pretty clear on this as well. And the only reason I have not acted upon it is that it is not yet mandatory.

 

The first sentence on the page:

Under the Australian Consumer Law, when you buy products and services they come with automatic guarantees that they will work and do what you asked for.

Furthermore, it states:

be fit for the purpose or give the results that you and the business had agreed to

Message 434 of 610
5,987
MikeBravo
Luminary
Luminary
‎2020-11-10 05:25 AM

Hey, wake up America.

 

New Zealand, a bunch of good folks, took care of their own, why can't we?

 

We need some recourse to unload this junk without taking it in the neck.

0 Likes
Message 435 of 610
5,975
MikeBravo
Luminary
Luminary
‎2020-11-10 05:27 AM

Great people those Danes.

 

Hey, America, are you listening? 

 

Why can't we be as well protected from unscrupulous businesses?

0 Likes
Message 436 of 610
5,973
MikeBravo
Luminary
Luminary
‎2020-11-10 05:29 AM

Aussies, world reknown butt kickers.

 

Hey, America, we are we so less worthy of protection?

0 Likes
Message 437 of 610
5,971
oillogger
Apprentice
Apprentice
‎2020-11-10 06:40 AM

Having consumer guarantee refund laws may be a great idea but it also comes with unwanted baggage.  For the mfg to cover consumer guarantee refund laws such as in New Zealand the mfg must account for the potential income loss and adjust up the cost of the product and associated costs such as in this case monitoring charges.  I am not rooting for either way but as always, "Choose wisely Grasshopper."  New Zealand may be a small enough market share for Arlos there was no price adjustment to cover their laws.

0 Likes
Message 438 of 610
5,963
LandJS
Mentor
Mentor
‎2020-11-10 08:30 AM

The MFG must account for losses ?  How about the consumer losses when something isn't working as it should, wish we had the same protections here.  Where lemon laws were put in place it made a big difference in how some businesses did business.  If you can't easily access your system, it isn't a security system period.

0 Likes
Message 439 of 610
5,899
oillogger
Apprentice
Apprentice
‎2020-11-10 09:13 AM

The New Zealand law was not created and imposed by mfg.  Lemon laws do serve a good purpose to assist the customer with the occasionally lemon.  I had a vehicle that took too long for the long list of problems to show up to use our lemon law.  Keeping the vast majority of their customers happy is the direct responsibility of the mfg and associated loses.  A unhappy customer base is usually the result of a poorly run business.

0 Likes
Message 440 of 610
5,895
MikeBravo
Luminary
Luminary
‎2020-11-10 11:58 AM

Loss or not, they're going to pass any costs on to us no matter.

Message 441 of 610
5,868
Erilekn
Apprentice
Apprentice
‎2020-11-10 02:26 PM

Hello Arlo! I dont want two step verification. Why do i need it? It just make problems for me!

Message 442 of 610
5,862
dshizak
Initiate
Initiate
‎2020-11-12 01:01 PM

Just setting up the 2 factor authentication.  Is there any way to send the code to 2 iPhones?  My wife and I both check the cameras throughout the day, and it appears that the codes only go to the primary trusted device (mine) and if we are not together, then she can't view the cameras.    I have both numbers saved as trusted devices, but only one is primary.  Surely i am missing something obvious? 

Message 443 of 610
5,798
nsleigh
Guide
Guide
‎2020-11-12 02:15 PM

Microsoft urges users to stop using phone-based multi-factor authentication

 

Wouldn't work for everyone but a better solution than SMS.

Message 444 of 610
5,792
ChadSmith
Star
Star
‎2020-11-12 02:32 PM

And NIST blog clarifies SMS deprecation in wake of media tailspin

"Agency goal is two-factor authentication for all levels of security assurance, but SMS is not on preferred factor list"

Message 445 of 610
5,786
LandJS
Mentor
Mentor
‎2020-11-12 03:30 PM

dshizak are you both accessing the same account, if so that would likely be the reason.  I gave my wife access permission and she set up her own account.  Remember to give her all permissions if you want her to be able to make changes.  If not you can't both check at the same time without knocking the other off.  We often do in the mornings or when we get a notification and doing so my phone is the primary on my account and hers is the primary on her account so I get a code if I access and she gets a code if she accesses it.

0 Likes
Message 446 of 610
5,778
connect8663
Aspirant
Aspirant
‎2020-11-13 06:03 AM
Re: Mandatory Two-Step Authentication (Verification) a Bad Idea

Why they ask only for my phone no Not email for verification???!
0 Likes
Message 447 of 610
5,757
SCKG
Apprentice
Apprentice
‎2020-11-13 06:23 AM

I am now seeing "Error - Token is Expired" "Two-Step Verification" flashing on my screen when I login.  I can still login as normal - without enabling Two-Step Verification.  If they do enforce Two-Step Verification without an option for email I will be unable to use the system.  I do not use a mobile phone. 

 

Million dollar question:  Will Arlo address the hundreds of customer complaints, Better Business complaints, etc.?  Or are we venting for naught in the etherspace?

Message 448 of 610
5,754
Gene2916
Star
Star
‎2020-11-13 07:40 AM

It looks like a class action suit coming!

Message 450 of 610
5,745
Related Labels

Arlo
Support

Visit our support page for answers from simple setup to security optimization. Search for something specific or select a product or category for helpful articles and videos.

Visit Arlo Support

Arlo App
for Support

For personalized support specific to the Arlo products you own, access Support from within the Arlo iOS or Android App. Simply login to your Arlo App, go to Settings, Support, then select the Arlo product you would like support for.