I finally audited my smart home after 3 years and found 4 security problems hiding in plain sight

After three years of accumulating smart home devices, a routine audit revealed four common but overlooked security issues: legacy devices from defunct companies that no longer receive security updates, forgotten admin access granted to ex-roommates or partners (including Matter fabric credentials and HomeKit/Google Home permissions), unencrypted metadata being sent to the cloud by supposedly privacy-focused cameras, and over-privileged voice assistants lacking proximity verification. The key takeaway is that smart home security erodes gradually through small neglected gaps, and users should audit logins, credentials, and device permissions at least once a year.