After a long day at work, I like to take a few minutes to look at my security cameras to see what is going on around my house. Most of the time I see nothing unusual, mostly kids walking to and from the bus stop, cars racing down a residential neighborhood, etc. Occasionally I will see something unusual, like two fox running down the street, empty garbage bins rolling down the street like tumble weeds in a western movie, or a dog walking its owner.
To answer the topic of this post: Yes, your security camera can be hacked. It’s unfortunate but true all security cameras can be hacked. The good news is there are ways to significantly reduce the risk of your security camera being hacked. Steps you can take today to reduce the risk of your security camera being hacked include:
- Changing the default password of your security camera
- Changing the default password of your router
- Changing router and camera passwords frequently
- Make passwords difficult to crack
- Limit the number of people that have access to your wifi
- Don’t use common passwords
Change the default password of your security camera
The first step you should take to reduce the changes of your security camera being hacked is changing the default username and password of your camera. Most cameras either have no username and password or a username and password of “admin.” One example of the latter is when I installed a Foscam IP Camera, the username and password were “admin.” The software recommended changing both the username and password, but it wasn’t required.
This is done as a convenience for the person that is setting up and installing the cameras. Unfortunately many consumers forget to change the password making it easy for hackers to find and crack. This is less hacking than it is finding and picking low hanging fruit. I recommend creating a strong username that is not easily associated with the house or business it is associated. For example, JonesIP camera may be bad if you are the Jones family, but good if your name has no association to Jones.
Change the default username and password of your router
Similar to the section of changing the username and password of your security camera, you should always change the username and password of your router. Your router is a piece of hardware that connects all of the internet enabled devices to the internet. Often, the router username and password is “admin.” Here is the top result of a Google search “router username and password.” As you can see, all of the top router manufactures use “admin”, “user”, or “password” for router logins. Once again, this is more about low hanging fruit, than high level, big time hacking.
To change router settings, log in to your router, using the above link, and find the section to change the password. Make sure you make this password very difficult to crack. Do not make the password “1234” or something similar. Later in this post I will discuss ways to make passwords difficult to crack as well as common passwords that you should not use.
Change passwords regularly
This can be debated, but it is recommended that you “rotate” or change your passwords regularly. The recommended rotation can be anywhere from three to six months depending on who you ask. I’m sure you are wondering why you should rotate your passwords, and the answer is it prevents hackers from taking advantage of passwords stolen months or years ago. A good thief doesn’t steal information and use it right away, they steal the information and wait a while before attempting to use or sell the information.
Personally, I recommend changing passwords quarterly, just to be safe. In addition, there is software available for you to store passwords in case you forget.
Make passwords difficult to crack
One of the best ways to prevent your security camera from being hacked is to create passwords that are very difficult to crack. Hackers would prefer low hanging fruit, and will not spend the time required to hack into a security camera when they know there are consumers that did not bother to secure their camera. According to Norton, antivirus and other types of security software providers, was to create strong passwords include:
- Using a combination of letters, numbers, and symbols
- Ensure passwords are at least eight characters long
- Use abbreviated phrases for passwords
Check out the above links to see all of Nortons do’s and don’ts. One example of a strong password could be T3S3cG&. This could represent “The Security Guy” (Don’t worry, this is NOT my password).
Limit the number of people that have access to your wifi
Another easy step you can take to reduce the chances of people hacked is to limit the number of people that have access to your home network. The reason why you should not allow everyone to access your wifi is not everyone is as security conscious as you are. Your friends and family can be your worst enemies by not following basic security awareness. They could join public wifi networks and share your personal information, share sensitive information on social media, or using the same username and password for all of their logins.
Many router manufactures have created guest networks on higher end routers that allow guests to your home access to a subset of your internet. The guest network is considered different than your primary network reducing the risk of friends and family exposing your primary network to vulnerabilities. For example, Linksys (one of the largest router manufacturer in the world) offers guest networks on their Smart Wifi, Wifi Routers, and X-series Gateway product lines. As with your primary network, it is best practice to change your username and password for guest networks. You can check your router product manual to see if your current router has guest a guest network.
Don’t use common passwords
The final thing you can do today to reduce the risk of your security camera from being hacked is to not use common passwords. Passwords like “password”, “1111”, “1234”, are really simple passwords that hackers love and corporations fear. In general, hacking is a numbers game, hackers create code where they are testing accounts looking for users that have “admin” for the username, and “1111” for the password. In addition, if a user has this combination of username and password for one account, there is a good chance that he has this same combination for other accounts. Also, remember that passwords should be at least eight characters (letters, numbers, and symbols), with the longer the better. Also, passwords should be short code for something that is important to you. One suggestion I came across long ago was to use important dates. For example, if you retired from your job on October 8, 2014, your password could be Oct08-14, OcT14-08, or some variation of the date.
According to this Wikipedia article, here are a list of the most commonly used passwords. If your any of your passwords are on this list, CHANGE THEM TODAY. If you are having trouble creating or remembering passwords, there is software like LastPass to assist you.
In summary, while it is possible for your security camera to be hacked, taking these six steps can greatly reduce the chances of it happening to you. Just remember:
- Change or rotate passwords every three to six months
- Change passwords on your security camera and router from admin
- Make sure your password is at least eight characters with a combination of letters, numbers, and symbols
- Enable guest networks (if your router has one) for friends and family
- Do not use “1234”, “monkey”, or the like for any passwords