I’m having this same issue on Hassbian. I’ve never set a password for this install, and my dashboard is inaccessible.
There’s no configuration.yaml entry marked
http:
api_password:
There’s no Legacy API password option, either. I can’t find anything in the logs to suggest a password exists or was created. The issue started when I last updated through hassbian-config.
Multiple browsers, multiple restarts and browser storage clears, and I’m still unable to access the dashboard.
auth and auth_provider have a generic username I use everywhere (including here) and a hashed password I couldn’t guess, but clearly must have set at some point.
Is it safe to rename these to remove the authentication?
No, no hassio file. I’m using hassbian, if that makes any difference.
Progress, but still not fixed. Deleting (really, just mv’ing) those files to *.backup means I’m not prompted for an existing U/P anymore. But I am now prompted to create a new U/P.
I must have filled this out to create the U/P initially, but I don’t want authentication on this HA install. It will not be public-facing.
I’ve commented out the usual suspects including api_password and cloud, and have hard-coded my passwords into my configuration.yaml just in case it was pulling something funny from the now-empty secrets.yaml. No dice.
I can create a new U/P and now access my dashboard, but that doesn’t solve my issue of not wanting one.
I’m thisclose to just formatting the whole thing and starting over with my existing configuration.yaml, despite everything else working properly, including my Xiaomi Robot, which never used to work.
I understand the reasoning, but HA worked perfectly without authentication for me forever, behind a firewall. I can’t trust everyone in my home to want to authenticate every time they want to get a quick overview of relevant, grouped-by-room automation, because let’s be real – HADashboard just isn’t there yet. They’ll just stop using it to save the hassle of accessing a local server by a trusted client.
Even once is more more hassle than I want to put on the users on my network to even bother with authentication. They’d have to hand their device over to me to authenticate (or force them to make their own U/P they need to track and I need to manage should a password reset arise) every time the auth expired. This is doubly-frustrating for remote VPN users who may want to access my HA install.
If it were optional, that would be one thing. In theory, I should be able to dictate what requires authentication, especially for something that is not and never will be public-facing. My hass install will never show up on shodan, which is probably what spurred this whole forced authentication in the first place.
This will probably encourage me to look elsewhere, even though I really don’t want to. HA just works for the most part, but taking away my ability to administer my own box is a little bonkers.
Additionally, apparently I can add trusted_networks to effectively break this forced change. Maybe I’ll pursue that route instead.
Im having the same issues as above. I upgraded to latest Hass.io version and now can’t log in. I get to the create account page above and I create a user name and password. Then it goes to another screen where it asks me to log in and I use the same username and password and it tells me they are wrong. I went through the process of deleting the auth, auth_provider.home assistant and on boarding files and it got me back to the create account page, but same thing happens… Ive never seen the legacy API password option.
I don’t think you have same issue as OP’s, maybe just a typo in your password. To get legacy api password login, you have to first config http.api_password
This is ridiculous.
Who thought that introducing component breaking changes in a minor version bump is acceptable, and why?
I’ve created an account, i can log into HA just fine, but Dashboard is completely broken and has no access to HA anymore. I’ve set up a trusted IP range as well, for both the Docker IP range, 127.0.0.1 and my local network. No dice, Dashboard still has no access.
Additionally, onboarding causes an auth error on first attempt and requires a refresh to get to the login screen.
This is a complete and utter mess and never should’ve left the dev branch.
My very first install of Home Assistant and on a Raspberry Pi.
All went well then faced with the login screen.
I’m pretty sure I entered my usual username/password to create a new account…?
Then i’m faced with this impossible screen to navigate. Tried username, a new username, no legacy option.
What do I do? I don’t know how to change any files or look for them as the step by step guide didn’t even mention this screen. (https://www.home-assistant.io/getting-started/configuration)
No idea what to do…to configure SSH it seems I need to edit a file on hass.io
I’m going to wipe the SD card and try again.