0.77: Authentication system 👮‍♂️ + Hangouts bot 🤖

I'm not sure the number of persons at home has to imply the number of accounts.

We are 5.
Kid would share an account. Parents another. I wish, based on the auth, that the interface would change.
An admin account for all access, including maintenance.
And maybe a guest account so that when I have family at home, they can set things in an obvious way.

And maybe some other 5-member family will like a one-account setup.

You keep mentioning cookies but we don't use cookies to store auth :man_shrugging: we use local storage. But yeah, if you keep clearing all your browser settings, it's up to yourself to deal with that.

We don't automatically select a user with trusted networks because it means a malicious website can link to your authorize page, it will automatically pick your user and then redirect back to the malicious website with a refresh token.
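The reasoning in the post above, as an added example that is not part of the original thread and not Home Assistant's code: a simplified Python model of an authorize page reachable from a trusted network, comparing automatic user selection with an explicit pick. `authorize`, `AuthorizeRequest`, the `parent` user, the `other-site.example` URL and the `code-for-…` value are hypothetical; the network ranges are the ones from the configuration posted in this thread.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional
from urllib.parse import urlencode

# Ranges taken from the trusted_networks configuration posted in this thread.
TRUSTED_NETWORKS = [ip_network("127.0.0.1/32"), ip_network("192.168.2.0/26")]
USERS = ["parent"]  # hypothetical: an installation with a single user


@dataclass
class AuthorizeRequest:  # hypothetical request model, not a Home Assistant type
    remote_ip: str                       # address the browser connects from
    redirect_uri: str                    # where the result of the flow is sent
    selected_user: Optional[str] = None  # set only when a person clicks a user


def is_trusted(remote_ip: str) -> bool:
    addr = ip_address(remote_ip)
    return any(addr in net for net in TRUSTED_NETWORKS)


def authorize(req: AuthorizeRequest, auto_select: bool) -> str:
    """Return 'DENY', 'PICK_USER', or the URL the browser is redirected to."""
    if not is_trusted(req.remote_ip):
        return "DENY"
    user = req.selected_user
    if user is None and auto_select and len(USERS) == 1:
        user = USERS[0]  # the shortcut: a user is chosen with no human action
    if user is None:
        return "PICK_USER"  # flow pauses; nothing leaves until someone clicks
    if user not in USERS:
        return "DENY"
    # Placeholder credential; a real flow would issue a random one-time code.
    return req.redirect_uri + "?" + urlencode({"code": "code-for-" + user})


def compare_policies() -> dict:
    # Constructed case: a link on another site opens the authorize page in a
    # browser that sits inside the trusted network. Nobody has clicked a user.
    linked = AuthorizeRequest("192.168.2.10", "https://other-site.example/cb")
    outside = AuthorizeRequest("203.0.113.5", "https://other-site.example/cb")
    return {
        "auto_select": authorize(linked, auto_select=True),
        "explicit_pick": authorize(linked, auto_select=False),
        "outside_network": authorize(outside, auto_select=True),
    }


if __name__ == "__main__":
    for policy, outcome in compare_policies().items():
        print(f"{policy:16} -> {outcome}")
```

With automatic selection the redirect carrying the credential is issued as soon as the page loads; with an explicit pick the flow stops at the user list until someone chooses.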

homeassistant:
  name: Maison
  latitude: !secret ha_latitude
  longitude: !secret ha_longitude
  elevation: 0
  unit_system: metric
  time_zone: Europe/Paris
  customize: !include config/customize.yaml

  auth_providers:
    - type: trusted_networks

http:
  trusted_networks:
    - 127.0.0.1
    - 192.168.2.0/26

I connect with Firefox, I keep cookies in the standard interface but I use "cookie autodelete", my server is not in the white list.
If I don't use the network trusted auth, it even asks for a password every time I restart the browser. Linux, W10 or mobile browser.

You are probably right, unfortunately there is no option in Firefox 62 to differentiate cookies from local storage. The appropriate setting ("Privacy & Security") reads "Accept cookies and website-data (recommended)" and "Keep, until Firefox is closed".

If somebody knows a more fine-grained setting, please let me know.

Looks similar to mine, but I am not at home currently and (as I am obviously unfamiliar with security) my HA installation is not exposed to the internet. Will check as soon as possible.

Is it safe to assume the new Auth system will one day allow HASS to know if an external (outside hass) source or unknown source changed a state? For example if someone turned on a light via a switch on the wall vs an automation or UI doing so?

A system to see who did what would be awesome.

Yes. This is why we did the migration a couple of releases ago. We just need to update the logbook to give insight into this information.


Ah that makes sense why we have different behavior then!
Cookies Autodelete handles the local storage too, using the same whitelist…

But FF has a limitation about sites with local storage but no cookie.

I don't delete cookies or local storage from the standard FF options, but use the add-on instead. @m0wlheld: you should try with an add-on and see if it works.

As I'm home, I found out the behavior of trusted networks auth not to be as expected: if you're out of a trusted network, then you won't be able to log in at all. I was expecting it to fall back to user/password.
I revert to standard!

@Mister_Slowhand I checked my configuration and it looks similar to yours. I do have trusted_networks authentication enabled (as only auth) and trusted_networks matches localhost and my private home network. Additionally, since my Home Assistant installation is proxied by an nginx server on the same host, I have trusted_proxies set to localhost, too. Still - selecting the only defined user upon initial UI call or on page reload is required.

I've even put the HA host on FF's whitelist, but that does not save the "login" either. Using the "Daten verwalten…" button from the dialog above, no data (cookies or "Websitedaten") is stored for the HA host.

What version are you on? Did you ever see the "save login" dialog pop up in your bottom right corner?

Sure. Every time after login. And yes - I did click the "yes" button. If it helps, I could watch the request/response headers to check what's going on. What should I look for?

I think you only clear the browser upon exit, but why does reloading the page need a relogin?

Don't know. By "reload" I mean full refresh, using Ctrl-r.

There was a bug in 0.77.2 that caused this with Firefox, have you updated to 0.77.3? This fixed it for me.

I'm on 0.77.3

My HA wouldn't load back up tonight after a restart (Hassio), so I saved my files, deleted the SD card and formatted, then used Etcher. After putting my SD card back in my Pi, the HA screen comes on and says it will take 20 mins; after that it asks for a user name and password. But it hasn't loaded again, it just spins. Is there something I'm missing?

Thanks!

Okay, my bad. I had to put the HA host on Firefox's whitelist incl. the protocol (http://) to make local storage (and cookies) persist. Once done, I don't need to select a user upon opening the HA site or reloading it.

Next: Add this setting to the 3 other in-house PCs for each of the 4 Windows accounts …

Why 4 accounts per PC if everything (like controlling the house) is shared on a family-based trust-level? :wink:
(Please don't take my statement too seriously, I'm just teasing. Of course on the PCs everybody has their personal data.)

You don't want my son's YouTube history to open in your browser or get your Windows installation messed up by a fancy total-serious-minecraft-addon.doc.exe …

Can you explain how you did this? I have no extensions installed. I am on version 62.0 of Firefox