Smart home privacy audit: lock down your devices

Most smart home setups grew piece by piece over time. An Echo here, a Ring there, a smart bulb, a thermostat. Each was set up with defaults that were "good enough." Two years later, your house is collecting a lot of data and you're not sure who has access to what. This audit fixes that in an hour.

Step 1: Inventory your devices

Walk through your house. List every device that connects to Wi-Fi or to your phone:

• Smart speakers (Echo, Google Home, HomePod)
• Smart displays (Echo Show, Nest Hub)
• Doorbells and security cameras (Ring, Nest, Wyze)
• Smart thermostats (Nest, Ecobee, Honeywell)
• Smart locks
• Smart bulbs and plugs
• Smart appliances (fridge, washer, dryer)
• Robot vacuums (Roomba)
• Smart TVs
• Streaming devices (Roku, Fire TV, Apple TV)
• Baby monitors
• Pet cameras and feeders
• Smart sensors (motion, contact, water leak)
• Smart smoke and CO detectors

For each, note which app it uses and which email/account it's tied to.

Step 2: Audit accounts

Check passwords

• Are any reused across devices? Should be unique per service.
• Are they weak? Replace with strong, unique passwords (use a password manager).
• For older devices you set up years ago, change passwords now.

Turn on 2FA

Two-factor authentication should be on for:

• Amazon account (controls Alexa)
• Google account (controls Nest, Google Home)
• Apple ID (controls HomeKit)
• Ring
• Wyze, Arlo, and any camera/lock service

See our 2FA guide.

Check who has access

Each app has a list of users with access. Review:

• Is anyone listed you don't recognize?
• Old roommates, ex-partners, contractors who needed temporary access?
• Remove anyone who shouldn't have access.

Step 3: Reduce data collection device by device

Amazon Alexa / Echo

1. Open Alexa app > More > Settings > Alexa Privacy.
2. Tap Manage Your Alexa Data.
3. Turn off Use of Voice Recordings (stops humans from reviewing your clips).
4. Turn off Help Improve Alexa.
5. Set Choose how long to save recordings to 3 months or "Don't save" if available.
6. Tap Advertising preferences and toggle off.
7. Press the microphone button on each Echo to mute when not in use.

See our Stop Alexa listening guide for details.

Google Home / Nest

1. Go to myactivity.google.com.
2. Find Google Assistant activity.
3. Pause activity, or set auto-delete to 3 / 18 / 36 months.
4. For Nest cameras: in Home app, settings > Activity zones, set narrow zones (less false-positive recording).
5. Turn off "Use for personalization" in Google Assistant settings.

Ring doorbell / cameras

1. Ring app > Control Center > Authorized Client Devices. Sign out devices you don't recognize.
2. Control Center > Two-Factor Authentication. Turn on.
3. Control Center > Video Storage. Set retention to 30 days (or less).
4. Set motion zones narrowly to avoid recording neighbors or sidewalk.
5. Decide whether to opt out of Ring's Neighbors app integration.
6. Opt out of law enforcement data requests where possible.

Apple HomeKit

Apple's smart home platform has the strongest privacy by default. Settings > your name > iCloud > HomeKit Secure Video for encrypted camera storage. No further changes usually needed.

Smart TVs

• Samsung: Settings > Support > Terms & Policies. Turn off ACR (Automatic Content Recognition) and viewing data sharing.
• LG: Settings > General > About This TV > User Agreements. Disable optional data sharing.
• Roku: Settings > Privacy. Limit ad tracking.
• Vizio: Settings > Admin & Privacy > Viewing Data. Turn off.
• Apple TV: Settings > General > Privacy. Disable optional data sharing.

Smart TVs are among the worst offenders for tracking; this step matters more than people realize.

Smart locks

• Review access codes: revoke any for ex-employees, old caregivers, ex-roommates.
• Turn on activity notifications.
• Set master code to something not 1234.

Robot vacuums

Many robot vacuums create a detailed map of your home. Some have shared this data with their parent company.

• Roomba (iRobot): Settings > About > opt out of data sharing where offered.
• Be cautious about cheap Chinese-made vacuums; some have had privacy issues.

Smart appliances

Smart fridges, washers, ovens. Most don't need internet to function. If you're not using their smart features, disconnect them from Wi-Fi.

Step 4: Delete history

Alexa voice history

1. Alexa app > More > Settings > Alexa Privacy > Review Voice History.
2. Date filter: "Today" or "All History."
3. Scroll to bottom: Delete all of my recordings for all history.

Google Assistant history

1. myactivity.google.com.
2. Click filter: Google Assistant.
3. Delete by time range or all.

Ring video history

1. Ring app > History tab.
2. Long-press videos to delete in bulk.
3. Or in Control Center, delete all video.

Browser and account history at smart home company sites

• amazon.com/yourorders: review what you've ordered through Alexa.
• Google Account > Data & privacy > My Activity: see and delete Google data.
• Apple: settings.apple.com > Data and Privacy > review.

Step 5: Network-level privacy

Your smart home devices all use your Wi-Fi. Some recommendations:

Put smart devices on a separate Wi-Fi network

Most modern routers let you create a guest network. Put smart home devices on the guest network so they can't see your computers, phones, or files.

1. In your router app, create a guest network with a different name.
2. Connect smart devices to that network only.
3. Keep computers and phones on the main network.

Use a strong router password

If your Wi-Fi password is "Welcome1!" change it. Strong password = harder for someone outside to access your smart devices. See our change Wi-Fi password guide.

Disable WPS

WPS (Wi-Fi Protected Setup) is a convenience feature that's a security weakness. In your router app, turn it off.

Update router firmware

Many routers don't auto-update. Check your router app for firmware updates. Old firmware has known vulnerabilities.

What to do with old smart devices

Before donating, selling, or trashing a smart device:

1. Factory reset it.
2. Remove it from your account in the app.
3. For cameras and doorbells, wipe all videos.
4. For smart locks, remove all codes.

Without these steps, the next owner may still be linked to your account or see your data.

Privacy by category (quick reference)

Best privacy

• Apple HomeKit devices (data stays mostly on your devices)
• Devices that work locally without cloud (rare; usually require a hub like Home Assistant)
• Wired (Ethernet) devices vs Wi-Fi

OK with effort

• Amazon Alexa with privacy settings dialed in
• Google Nest with auto-delete on
• Ring with 2FA and motion zones
• Major brand smart locks

Caution

• Cheap no-name smart devices from Amazon (variable security)
• Older smart TVs that don't get updates
• Smart appliances connected to Wi-Fi unnecessarily

Common smart home security mistakes

• Default passwords never changed
• 2FA off
• All devices on the same network as computers
• Ring or camera login shared with multiple family members (use household sharing instead)
• Recordings never deleted
• Old devices sold without factory reset
• Routers that haven't had firmware updated in years

5 things to do this week

1. List every smart device in your house.
2. Turn on 2FA on the 3 most important smart home accounts (Amazon, Google, Apple).
3. Delete Alexa and Google voice history older than 3 months.
4. Audit Ring authorized devices and Ring video retention.
5. Set a calendar reminder for 6 months from now to repeat this audit.