Hey everyone,
At the moment im not using 2FA because of the problem i have with google storing/providing my login keys. Not only is this company in my opinion the worst one to trust with your 2FA but also the google 2FA has the problem that when your phone crashes before you moved all your links to another phone they are lost indefinately.
So i was wondering why 2FA isnt just build into the mobile home assistant app. When you login you get a popup on your phone to verify it was you. this could be secured with asking for a fingerprint or a pincode on the phone. This way you can keep it local with the local push function within the home assistant companion app. A nice extra touch would be to let home assistant detect when the system is addressed locally on the same network in which no 2FA is required or maybe an option to being able to activate/deactivate such a feature.