Sounds like you do get it.
I don’t want to have to change my samba password for example. I’d then have to go round all my devices that have it saved one by one updating it there also. It’s my password, give me the choice on whether I get nagged about it.
7 Likes
Not to complain but I had hoped that for instance someone had looked at the Homeconnect integration for washer and dryer. I am also still looking for some help how to move from the old to the new z-wave without losing all configurarion. But besides this, It looks good!
Just create an additional user for Samba on the Windows PC with a non pawn’d password. It’s not that hard. You will only need enter it once anyway and then never again for years.
For someone else who complained about ssh - make a private/public key and you will never need to log on again.
Getting some funny behaviour here also. Don’t mind the click to show more… but once I have scrolling back to the top has blanked so YAML out.
It comes back by scrolling or clicking back in it, but a bit of tweaking I think could be needed:
Great. If you have one PC, and no other devices with the password.
Else, not so great…
If you create a new user you don’t need to care about any other devices.
In each release there’s a section that mentions breaking changes sorted by integration. You don’t need to read all of them, just the ones you use.
1 Like
For all the effort of coming here to write about changing the password, they could have changed it by now
8 Likes
Still only solves the problem on that computer.
If you have a tablets and phones with the password then they also needs to be updated.
Now that we have settled the discussion that the password warnings do not belong in this thread, can we split the threads? And possibly merge it with the other thread.
They can continue to use the old insecure user - they don’t need to be changed
Had the same issue, while updating the AIOHTTP packages told me it was 3.7.x and was not compatible with Meross package. Version 3.6.2 was compatible, downgraded AIOHTTP but didnt solve this issue. Now downgraded HomeAssistant back to version 2021.2.3 and integrations started working again.
I’m running HA Core
Sorry David, but this shouldn’t be required for a local password. It’s not about it being hard, it’s about it being pointless. If it’s your log in password from the internet then it’s a great feature, but not when it’s throwing up local stuff that’s only available from the local network.
Guys, it’s fine if you are happy to go round changing all your passwords but for the folk who don’t want to, then we should have the option and saying it’s easy to change a password really isn’t the solution.
2 Likes
Thanks for the update!
I got same problem, I get “Insecure secrets in …” for node-red and Samba, I am not sure where to look at, do we need to change the passwords on these? My system is local, so the passwords shouldn’t be a problem.
EDIT: Never mind, it was already widely discussed.
Correct.
Even if you could access it from the outside then it would still not make any difference.
If someone manages to open your account on your HA then it would be fairly easy to open the Supervisor tab and look at the plain text passwords anyways.
EVEN if that password is 500 characters. It’s still there in plain text.
8 Likes
Having same issue here, downgraded to 2121.2.3 for now.
1 Like
It came with the latest supervisor not with the core.
Yes, with me it also started at that version 2021.2.3.
I have an issue with the way triggers are initialised.
* Error initializing 'Lane Gate Battery Monitor' trigger: In 'numeric_state' condition: state of sensor.laneway_gate_battery is unavailable
* Error initializing 'Mailbox Battery Monitor' trigger: In 'numeric_state' condition: state of sensor.mailbox_battery is unavailable
These devices spend 99% of their time asleep. Do I have to run out into the back yard and wake them up every time I want to restart home assistant or reload automations?
2 Likes