We use cookies to allow us and selected partners to analyse site performance to improve your experience and for advertising. By continuing to use this site you consent to our use of cookies as per our cookie policy which also explains how you can change your cookie preferences at any time.

Five ways to protect your smart home from hackers

By Martin Pratt

More devices are getting smart, but are they getting more secure? We explain how to protect your privacy and keep your smart home secure.

Put us to the test

Our Test Labs compare features and prices on a range of products. Try Which? to unlock our reviews. You'll instantly be able to compare our test scores, so you can make sure you don't get stuck with a Don't Buy.

Smart homes have many benefits. The convenience of being able to operate your lights, speakers, thermostat and more from an app on your phone is hard to live without once you've tried it. 

Internet-connected devices can make each other smarter, too. Motion sensors can switch on lights when they detect you walking through the door, and smart locks automatically secure your home when your phone drops out of range of your router

Cameras, locks, sensors; so many smart home devices are about making our homes secure, but what about the security of the devices themselves? Our research has found serious flaws in popular smart devices that hackers can exploit to farm your most personal data and even gain access to your home. 

We rate all the smart hubs we test on how secure they are. To find out which models performed best overall, visit our guide to the top smart hubs for 2017.

How to keep your smart home secure

1. Don't stick with the default password

Starting with your router, be sure to change the password of every device connected to your broadband. Smart products need an internet connection to function, and all the signals are going through your router. If that's not secure, it could compromise everything on your home network.

It's tempting to choose a word you can remember and to use it across your devices, but it's far better to have a unique password for each device. Ideally, this would be a random jumble of characters. Our research found that a strong password could take millions of years to crack, whereas a simple password could take only minutes.

2. Keep your software up to date

Just like your phone or computer, smart devices get software updates that add features, adjust performance and improve security. Hackers are always coming up with new ways to infiltrate your network, and updates allow manufacturers to install software to combat new spyware, malware and viruses that make your smart home vulnerable.

Some smart devices will update automatically, but it's worth checking the device's app periodically to see whether it is up to date.

3. Complete the set-up

Some devices, such as speakers and TVs, have smart features that you don't necessarily need to use. Even if you have no intention of ever using the smart functionality, it's best to set it up anyway. This is because many devices use their own wi-fi connection during set-up, which is unlikely to be as secure as your own.

If your device remains connected to the provisory set-up network, it's an easy target for hackers.

4. Think about where you put devices

Voice-controlled tech, such as the Amazon Echo and Google Home, are susceptible to the simplest hack of all - someone else talking to them. The Echo can be used to order things from Amazon with a simple command. If it's placed by a window or is easily visible from the street, an opportunist attacker could use it to order expensive items and intercept them.

You can turn off 'voice purchasing' from the Echo's Alexa app or you can set up a four-digit passcode.

As smart speakers get more advanced and become compatible with more devices, it's possible that they could be used to open smart door locks, and turn off security cameras and motion sensors.

Google Home can recognise who is talking to it, and it's possible that at some point you will be able to set it not to listen to strangers, which would also improve security.

5. If you don't trust it, don't buy it

The market is flooded with smart home devices and we can't test them all to see how safe they all are. If a device doesn't ask you to update the password that you use to access it, or you're not sure how it's using the data it collects, don't buy it or, if you already have, return it to the store.

Smart speakers are always listening for their 'wake word', and wireless security cameras don't stop watching unless you turn them off. If you want absolute privacy or you're worried your network may have been compromised, the best thing to do is pull the plug.

Security flaws in smart home devices

To truly test the security of smart home devices we hired security researchers, SureCloud, to try and hack them. It took just four days for the researchers to infiltrate our home network. To read more about what happened in our tests and see our video of the results, visit our guide to the internet of things and security.