2 factor authentication

Hey everyone,

At the moment im not using 2FA because of the problem i have with google storing/providing my login keys. Not only is this company in my opinion the worst one to trust with your 2FA but also the google 2FA has the problem that when your phone crashes before you moved all your links to another phone they are lost indefinately.

So i was wondering why 2FA isnt just build into the mobile home assistant app. When you login you get a popup on your phone to verify it was you. this could be secured with asking for a fingerprint or a pincode on the phone. This way you can keep it local with the local push function within the home assistant companion app. A nice extra touch would be to let home assistant detect when the system is addressed locally on the same network in which no 2FA is required or maybe an option to being able to activate/deactivate such a feature.

What about using a proper locker for it ? like Bitwarden, Lastpass, whatever that are perfect for that and secure !

installing apps to secure apps… well offcourse that would be an option. But im trying to use as little apps as possible.

you can also use Microsoft Authenticator as the 2FA mobile application - which also performs backups of your keys and such … restoring your phone (and MFA’-ing again to your account) also restores the MFA keys…

There are open source ones as well. You don’t need to trust Microsoft or Google or LastPass or anyone.