Graham Cluley:

So, if you’re unlucky enough to have your password stolen or cracked, a criminal can gain access to your Tesla car. In fact, they can unlock it “from afar” if they wish.
 You can also have your movements tracked by a jealous partner or malicious stalker, or a prankster could make your car honk its horn or open the panoramic roof in the rain.
 Oh, the jolly japes that could be had with this… especially as the vast majority of people either choose dumb, easy-to-guess passwords or re-use passwords in multiple places. Not to mention those folks who leave their unlocked iPhones just lying around for anyone to abuse.
 Yes, you might be wondering why you would ever need an iPhone app to unlock your car, or to heat its seats, but stop being such a kill-joy. This is the “internet of things” and it’s progress ™.
 Dhanjani’s research, which he revealed at a conference in Singapore, raised concerns about Tesla’s security, including that the Tesla website does not appear to lockout users after multiple incorrect login attempts – opening a window of opportunity for brute-force password cracking attacks.