Ring Doorbells Had Security Bug That Exposed Wi-Fi Passwords To Hackers -- Security Today

Ring Doorbells Had Security Bug That Exposed Wi-Fi Passwords To Hackers

Researchers found that the Wi-Fi passwords were sent over the network in plain HTTP rather than being encrypted.

By Haley Samsel
Nov 11, 2019

Ring doorbells contained a security vulnerability that exposed passwords to the Wi-Fi networks they were connected to, according to research published by Bitdefender.

The security technology company said that the doorbell, which is owned and sold by Amazon, was sending Wi-Fi passwords in cleartext, or unencrypted text, as the doorbell joined the network. This vulnerability would allow nearby hackers to learn the Wi-Fi password and potentially gain access to other devices connected to the network, TechCrunch reported.

“When first configuring the device, the smartphone app must send the wireless network credentials,” Bitdefender wrote. “This takes place in an unsecure manner, through an unprotected access point. Once this network is up, the app connects to it automatically, queries the device, then sends the credentials to the local network.”

The issue was ultimately fixed on all Ring doorbells in September but was not disclosed to users until this week. Researchers at Bitdefender told Amazon about the vulnerability in June, stating that all of the exchanges required to configure the device with a smartphone app are performed through “plain HTTP.”

“This means the credentials are exposed to any nearby eavesdroppers,” the report reads.

There is no evidence that the vulnerability was ever used against users, according to TechCrunch.

Hackers could also trigger the reconfiguration of the Ring doorbell by overloading it with deauthentication messages, causing the device to get dropped from the WiFi network. The mobile app would lose connectivity with the device and ask the user to reconfigure it, allowing hackers another path to intercept the network, according to the report.

Smart home technology has become increasingly popular in recent years but has not come without security issues. In a report published in July, researchers found that they were able to unlock front doors remotely with a now-discontinued smart home hub called ZipaMacro.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

HID Signs Agreement to Acquire Calmell Group
07/10/2025
HID and ASSA ABLOY Recognized with Renowned Red Dot Award for Innovative Biometric eGate Design
07/09/2025
Security Industry Association Announces Program for 2025 AcceleRISE Conference
07/07/2025
SIA Opens Applications for 2025 Denis R. Hébert Identity Management Scholarship
07/07/2025
Honeywell Makes Strategic Tuck-in Acquisition of Li-ion Tamer
07/01/2025
Defining SASE at the Largest Consumer Electronics Chain in the Nordics
06/26/2025
Elite Interactive Receives Strategic Investment from CIVC Partners
06/26/2025
ProdataKey’s Emergency Response Integrations: Integrated Access Control Made Easy
06/25/2025

Featured

Industry Embraces Mobile Access, Biometrics and AI

A combination of evolving workplace dynamics, technology innovation and new user expectations is changing how people enter and interact with physical spaces. Access control is at the heart of these changes. Combined with biometrics and AI, mobile access control has become increasingly crucial for deploying entry solutions that are seamless, secure and adaptive to user needs. Read Now
- Access Control
Sustainable Video Solution Delivered for Landmark City of London Office Development

An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now
- Facility Security
DHS to End ‘Shoes-Off’ Travel Policy

Homeland Security Secretary Kristi Noem announced a new policy today which will allow passengers traveling through domestic airports to keep their shoes on while passing through security screening at TSA checkpoints. Read Now
- Airport Security
AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now
- Government
Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now
- Video Surveillance

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.
Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.