Arlo|Smart Home Security|Wireless HD Security Cameras

Reply
Discussion stats
  • 42 Replies
  • 12457 Views
  • 23 Likes
  • 11 In Conversation
Macahi
Apprentice
Apprentice

Why does the web portal now force me to log in every time I load it?  This behavior started yesterday or the day before. 

42 REPLIES 42
jguerdat
Guru Guru
Guru

I believe this is part of the 2FA (2 factor authentication) process, regardless of whether you have it enabled.

StephenB
Guru Guru
Guru

I think this is related to the two factor authentication feature (even if you aren't using that feature).

 

The risk of allowing extended logins is that can let other people see your videos.  That's particularly true if you log in on a public PC somewhere.  More aggressive logouts help eliminate that threat.

 

But I think Arlo has overdone it a bit.  The security in the web client doesn't need to be more burdensome than my bank/investment sites.  At the very least, there should be a way for the user to have trusted client on specific PCs.

lordsparky
Tutor
Tutor

I believe this coincides with the split from Netgear. The new iPhone app works like the old app, but the desktop website--arlo.com--makes you log on every few minutes. No "Stay logged in" checkbox. I use a long complicated password and by the time I log into something else to get it and paste it into the fields the burglars have broken in and killed me. I will probably just have to look at everything on my small phone screen. So Stupid.

Luddy
Apprentice
Apprentice

And add 2 factor auth via push notifications and you have to do that EVERY time too even when from the same PC.  They've ceased to amaze me any more.

Macahi
Apprentice
Apprentice

>I believe this is part of the 2FA (2 factor authentication) process, regardless of whether you have it enabled.

No, I don't believe it is. This isn't a 2nd sign-on.  It's the initial email/pwd sign-on.

 

The webpage changed a couple of days ago when this behavior started.  They are no longer maintaining the credentials.

parsrgood
Apprentice
Apprentice

@ macaahi. You are correct. This has nothing to do with two factor authentication. Arlo has once again made some changes which leaves it's camera owners up in arms as what to do. They have changed their log in URL. It would have been easy for them to redirect the URL to their new web address but they didn't. Try http:my.arlo.com/#/home. That should let you sign in. It's what worked for me 2 days ago. Hope it works for you. 

 

Macahi
Apprentice
Apprentice

@parsrgood 

 
 
Thank you, but you misunderstood.  I use that url and always have.  I have no issues logging in.  My issue is that I used to be able to load the page on my browser, log in, then close the browser windows.  When I come back to the page in my browser, I am still logged in and do not have to re-enter my credentials.
 
Now, I have to reenter my credentials every single time I load the page.  It's a pain in the okole.
StephenB
Guru Guru
Guru

@Macahi wrote:

>I believe this is part of the 2FA (2 factor authentication) process, regardless of whether you have it enabled.

No, I don't believe it is. This isn't a 2nd sign-on.  It's the initial email/pwd sign-on.

 

The webpage changed a couple of days ago when this behavior started.  They are no longer maintaining the credentials.


Every time you refresh the browser page you have to log in again, which is a pain (and in the case of Edge, it adds a couple more hoops to jump through when enabling Flash).

 

I believe they did that to increase the security effectiveness of 2FA.  I agree it isn't 2FA itself (the repeated logins are needed whether 2FA is enabled or not).   

 

And as I said earlier I think they overdid it (making it more burdensome than necessary).

Gumby-Arlo
Tutor
Tutor

Agreed it has becomed a real pain to use Arlo.

 

Following.

jguerdat
Guru Guru
Guru

I think the issue on the web is the new 2FA feature, whether you use it or not. The app continues to connect as before.

StephenB
Guru Guru
Guru

@Kaskillah wrote:

Why is ARLO making it so difficult? 


I agree they've made it harder than necessary, and hope they reduce the log outs.

StephenB
Guru Guru
Guru

@Kaskillah wrote:

Maybe they want to limit the bandwith on their servers by cutting off connected users.

 


No, that doesn't make any sense.  It isn't using any bandwidth unless the user is actively doing something.

 


@Kaskillah wrote:

 It does nothing but anger users.

 


I agree with that part.

bvoswego
Aspirant
Aspirant

I also am logged out which doesn't bother me as much as I then need to type in my email address each time. This started recently. Before, all it did was ask for the PW. Trying to determine if this is a window 10 thing or Arlo

Macahi
Apprentice
Apprentice

@bvoswego 

It's Arlo.  They also made several other webpage changes at the same time.

 

I'm just keeping the page open in the browser now instead of loading it when I need it.  It's stupid to have to do that, but whatever.  Arlo isn't known for making smart decisions.  As long as I interact with the page every 1/2 hour or so, it's staying logged in.  (At least that's my experience so far.)

StephenB
Guru Guru
Guru

@Macahi wrote:

As long as I interact with the page every 1/2 hour or so, it's staying logged in.  (At least that's my experience so far.)


If you refresh the page, I think you will be asked to log again.

Gumby-Arlo
Tutor
Tutor
parsrgood
Apprentice
Apprentice

Just a heads up. I've been hearing two factor authorization mentioned several times in this thread. This log in mess is not due to TFA. Two factor authorization requires a code sent to you via email or message,facial recognition, thumb print etc. in addition to your user name/email and password. Arlo log in requires email and password only. This newest attempt to irritate their customers is the result of them transitioning from netgear to arlo which is supposed to be complete by the end of the month. All of these past issues could have been avoided if Arlo management would have told their engineers back in April "IF IT AIN'T BROKE, DON'T FIX IT" 

StephenB
Guru Guru
Guru

@parsrgood wrote:

Just a heads up. I've been hearing two factor authorization mentioned several times in this thread. This log in mess is not due to TFA. Two factor authorization requires a code sent to you via email ...


Yeah, I know how it works.  

 

Technically it's not related.  However, Arlo did uplift the security on the web client as part of their TFA implementation - and they rolled it all out as a package when they launched the new app.  That uplift includes the more aggressive forced logouts (even when simply refreshing a page).

 

As I've said in other posts, in my opinion they went too far.  There's no reason why I should have to do more logins with Arlo than I need to do with my bank.

BPMayo7
Initiate
Initiate

I can't stay logged into the web app since the latest update.  Can't get help chat to initiate since all equipment selections on the chat start screen pull down menu do not seem to be supported and you have to choose a piece of equipment to continue, and to top it all off the help phone number requires a fee if you purchased the product(s) more than 90 days ago?  I also can't log in to the support function to send an email with the same credentials I use to log into the web app (yes it works just have to do it every time and what if you are in the middle of an "emergency" and want to check cameras?  Just tell us where to send the body I guess?)  If I knew customer service was going to be this abysmal I would have defintely bought a different product even at additional cost.  Anyone else having these problems?

BPMayo7
Initiate
Initiate

There is absolutely no benefit to the consumer to be logged off or timed out of your own security system.  Recent update incorporated this change and it needs to be reversed.  I was the victim of a home invasion and bought this system in response to an obvious need for home security.  Now, if my smartphone battery is dead let's say..and I want to use the web app to monitor a "situation" I have to log in.  Now if it is an urgent situaion not only is valuable time lost, but, if the person trying to log in is a littel nervous and mistypes a username or password it could take several attempts.  I am also handicapped so mobility is an issue.  You might as well invite any intruders in while you log back in to "My Arlo".  I was told by an Arlo customer service rep in a chat session that this was intentinally done by the "engineers" during the last update "for security purposes" .  Well I am an engineer and my guess is that this was developed and deployed to save Arlo money or address potential liablity concerns (for them).  Keep us logged in!  It could literally save someone's life!  Here's an excerpt from the chat session wheree it was revealed that this change was made on purpose.

 

"Apologies for the wait, I appreciate your patience.  I was able to verify this one with the team and our engineers designed it that way for security purposes that the Arlo Web will time out if it stays on and running in the background but the cameras still continue to capture any activity or movements"

 

So that's just great.  The cameras will keep recording.  The person who needs them most jsut won't be able to see what the camera is catching.  How absurd!

djskyhawk
Star
Star

I use fingerprint recognition on my Android phone, it only makes me log in every 30 days or so.  That works great, on my phone,  On my PC I used to be able to stay logged in, also, until latest update.  Now I log in, allow Flash, update page, and log in again.  I want to stay logged in, on my PC, as it is password protected.  It would be nice if Arlo would get with the rest of the tech world and stop using Flash, it will soon not be supported, then we're screwed.

parsrgood
Apprentice
Apprentice

@Kaskillah 

I 100% agree. Arlo crippled our security systems last May. Since then every time their engineers release a new update on both app and firmware it gets worse. I wish more people would show their displeasure with Arlo's products instead of just reading these threads. Arlo's customer service is a joke and it's now all to clear that Arlo could give a rat's ass about all their customers with security cameras which are nothing more than decoys. Thieves know by now that they have the green light when see arlo camers. Do the right thing Arlo. Hire a crew that knows what they're doing. A crew that tests their app and firmware updates before releasing them to already pissed off customers. Then maybe, if you get it right you can get rid of most of your clueless support team and hire some knowledgable pros that don't read from a script. 

Macahi
Apprentice
Apprentice

Yo, ARLO.  When are we going to get some kind of response?

Macahi
Apprentice
Apprentice

@ShayneS 

 

We're still waiting for some kind of a response here.