Resetting Your Password in the Event of a Third Party (non-Ring) Data Breach
Privacy, security, and user control are foundational to Ring. That’s why we’re always looking for ways to help keep your account secure. If you’ve received a message that the password you use for your Ring account has been compromised and you need to immediately change it, that’s because Ring determined that the password you use for your Ring account may have been compromised in connection with a third party (non-Ring) breach, and published online.
This article will explain why you received this message and any actions you will need to take.
Bad actors are constantly trying to find account usernames, email addresses, and passwords they can use to get into online accounts. Sometimes, due to a data breach at another company, customers’ account usernames, email addresses, and passwords are exposed online. Many people use the same username or email address and password for multiple accounts, so proactively checking these lists of exposed passwords allows us to help protect your Ring account.
Ring checks these lists of exposed usernames and passwords when you sign in, create a new password, or change your password. While we cannot guarantee that we will always be able to identify whether or not a password has been published online, Ring has implemented this extra security check to help protect our customers’ Ring accounts.
Why do I need to change my password?
We work hard to safeguard your account from being accessed by a bad actor that has found matching credentials published online as a result of a third-party data breach.
If you use the same email address and/or password for multiple accounts, passwords exposed in a third-party data breach might match the credentials you use for your Ring account. If we detect that credentials from a third-party data breach matching those used for your Ring account have been published online, we will ask you to reset your password in order to help keep your Ring account secure.
Can I opt out of this security check, or choose the same password I used before?
No. If Ring finds credentials that have been published online that match the ones you use for your Ring account, we will require that you create a new password for your Ring account. This helps protect your Ring account from being accessed by a bad actor that has found matching credentials published online as a result of a third-party breach.
If you are matching Ring passwords to ones published online, does that mean you have lists of Ring passwords that your employees can access?
No, employees do not have access to your password.
Does Ring have my login information from other sites or services?
No. Ring does not have access to your login information from other websites, apps, or online services. Ring works with a third-party service provider that keeps track of known third-party (non-Ring) data breaches and the compromised credentials associated with those known third-party data breaches in the provider’s own separate database. Ring automatically checks scrambled account passwords against this database. At no time are Ring customers’ credentials shared with the third-party provider.