So Sonos has a new web app that access my speakers from the internet through my firewall/router. That’s kind of scary to me. I don't like most appliances having access from the outside world and that opens to door to hackers to get into my network. Does anyone know how Sonos opened that hole in my firewall without my knowledge? Do we know what security is in place to prevent hacking?
Hi
First thing I suggest is setting a proper strong password on your Sonos account. Go to https://www.sonos.com/en-us/myaccount/user/profile and click the “Reset password” link. Second thing I suggest is letting Sonos know that they need to implement two factor authentication (2FA) on sonos.com (and by extension, the web app).
Hi
First thing I suggest is setting a proper strong password on your Sonos account. Go to https://www.sonos.com/en-us/myaccount/user/profile and click the “Reset password” link. Second thing I suggest is letting Sonos know that they need to implement two factor authentication (2FA) on sonos.com (and by extension, the web app).
When I access the web app through play.sonos.com from outside my network and can control the system wouldn’t this be a case of Sonos servers reaching in to the network?
With the way sonos web api worked before everything originated from within your network, now commands can come from outside.
Hi
First thing I suggest is setting a proper strong password on your Sonos account. Go to https://www.sonos.com/en-us/myaccount/user/profile and click the “Reset password” link. Second thing I suggest is letting Sonos know that they need to implement two factor authentication (2FA) on sonos.com (and by extension, the web app).
Thank you for that explanation. Thats what I needed to know. Funny cause I just reset my password today. I always use strong passwords because I can remember them all anyway.
When I access the web app through play.sonos.com from outside my network and can control the system wouldn’t this be a case of Sonos servers reaching in to the network?
Technically, no. Each of your Sonos devices initiates a connection with the Sonos servers. After that connection is open, commands from the server—in response to what you do on the web app—are passed on to the selected device.
Now the above is somewhat pedantic, I suppose, as if someone guesses your password and logs into the web app (something that seems to have happened to a handful of users, documented on these forums) it certainly feels like the ne’er do well has hacked your Sonos device(s).
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.