How to Use Ring's New Control Center for Better Privacy and Security

Consumer Reports has no financial relationship with advertisers on this site.

Ring has begun rolling out its promised privacy and security dashboard, called Ring Control Center, to users of its Android and iOS apps. As first reported in early January, the new dashboard allows Ring users to more easily manage both new and existing privacy controls, and below, we offer a step-by-step guide for what you should do.

The Control Center comes on the heels of a string of instances of hackers gaining access to Ring accounts and spying on unsuspecting users. Prior to Ring’s new Control Center, you had no way to tell if, for instance, a hacker had logged into your account, or even which devices, such as computers, smartphones, or tablets, were logged into your account.

Among the changes the Amazon-owned company has implemented are a feature that allows you to view and remove linked accounts for products and services connected to your Ring device, such as digital assistants like Amazon Alexa; making two-factor authentication a default setting rather than optional for new accounts, so you’ll get an additional temporary password via text message to log in to your account; and allowing you to opt out of receiving requests for video footage from police.

“We appreciate that Ring is giving consumers more transparency into their arrangements with police departments and more control over their footage and devices, but these security standards should have been implemented before the products hit store shelves in the first place,” says Katie McInnis, policy counsel for privacy and technology at CR Advocacy. “We’d like to see even higher security standards for their products.”

As part of Consumer Reports' efforts to protect consumers' privacy and security, McInnis recently sent a letter to 25 connected camera companies urging them to improve their privacy and security standards due to a string of recent hacks and data breaches.

Ring says it has more security features in the works, such as one that allows you to deny access to a device trying to log in to your account, which should help stop the credential stuffing attacks that affected Ring users back in December.

For now, Consumer Reports advises that you review the security measures provided in the Ring Control Center. It can be a bit confusing to figure out what changes you should make, though, so here’s what we recommend. It’s a good idea to periodically check these settings just to see if there are any suspicious linked accounts.

To locate the control center in your Ring app, tap the menu button at the top-left of the screen, then tap on Control Center. (Note: Ring is rolling out the Control Center over the course of a few days, so if you don’t see it in the menu, you might not have access to it just yet.) 

1. Check Two-Factor Authentication Settings

Since Ring's default two-factor authentication is only for new accounts, as an existing user, you'll need to set this up yourself in the Control Center. The first menu item you'll see is two-factor authentication. It should tell you if it’s on or off. If it’s off, CR strongly urges you to enable this setting, as it creates an additional layer of protection that can stop a hacker even if they know your password. Simply tap on two-factor authentication to enable the feature. Enter your phone number and you’ll get a numeric code via text message that you must enter in the app to enable two-factor authentication. Going forward, whenever you log in to your account you will be sent a temporary passcode that you’ll need to enter in addition to the password you created. 

2. Review Your Authorized Client Devices

An authorized client device is any smartphone, tablet, or computer that has the Ring app installed and logged in to your account. If, say, you check your Ring cameras on an iPad, work laptop, or smartphone, they will all appear in this list.

If you see any devices on the list that you don’t recognize, or even old devices that you no longer use, revoke their access. A device you don’t recognize could belong to a hacker, while old devices—which can be stolen or hacked themselves—could be used to access your cameras. Unfortunately, you have to revoke all your devices (tap the red “Remove All” button) and then log back in to the ones you want to keep.

If a bad actor is using your account, this step combined with enabling two-factor authentication will kick them out of your account and ensure they can’t log back in. Of course, if you think your account has been hacked, you should also change your password.

3. Review Your Shared Users

A shared user account is an account you create for family members and friends to access your Ring devices. These accounts are a much more secure alternative to handing out your own username and password. This setting lets you see and remove all your shared users. To see the list of shared users, tap on your home address in the Shared Users menu. If you see anyone you don’t recognize, or who should no longer have access to your devices, revoke their access by tapping on their email address and then the red trash can icon that appears next to it. 

4. Review Your Linked Accounts

Linked accounts are for third-party smart home devices (not smartphones, computers, etc.) and services that connect to Ring products, such as a Schlage Encode smart lock or the Amazon Alexa digital assistant. This setting lets you view the third-party accounts that are linked to your Ring account. If you see any accounts that you don’t recognize, or even old accounts that you no longer use, revoke their access by tapping the red trash can icon. It’s a good idea to remove old linked accounts because if they are ever hacked, people could potentially view your live camera feeds without actually breaking into your Ring account. 

5. Check Your Video Request Settings

This new setting allows you to opt out of footage requests from local police departments that have partnered with Ring. Before, you could only opt out after you receive your first footage request.

“You should strongly consider opting out of video requests from local law enforcement because neither you nor Ring has any control over how long the police department keeps the video or what they do with your footage once they download it,” says CR's McInnis. “In addition, users should be aware that by sending the footage to the police to use as they will, they are also exposing their personal email and physical home addresses to local law enforcement.”

Ring states that local police can’t view live video feeds or control Ring devices, and the only video police can see is video that consumers either post on the Ring Neighbors network, which is both built into the Ring app and available as a stand-alone app, or share with law enforcement via these footage requests. You can find out more about how Ring works with law enforcement in the FAQ page on its website.

To opt out now, tap the Video Requests button under the Video Requests menu, followed by the Disable button. From this menu, you can also view a map of Ring’s 800+ partner police departments. We've embedded the map below so you can see which departments in your area are working with the company.

More from Consumer Reports:
Top pick tires for 2016
Best used cars for $25,000 and less
7 best mattresses for couples

Consumer Reports is an independent, nonprofit organization that works side by side with consumers to create a fairer, safer, and healthier world. CR does not endorse products or services, and does not accept advertising. Copyright © 2020, Consumer Reports, Inc.