Login attempt failed from iOS device

I use also RTSP camera hand have this issue. Maybe, a proxy are the solution.

i delete my database and now no more errors… maybe worth a try for others if you don’t find the data is gone

1 Like

Interesting!

Is that safe?

Any instructions or guidance you can share @Sven12345 ?

maybe this can help you I have my database running on mysql should you have that too I will also try it for 2 weeks now no error. hopefully it will stay that way…

and solve the problem also by your HA?

Login attempt failed messages started popping up today. iOS 15 on my iPhone 12. HA version 6.4. Is there a known fix?

Here is the automation I came up with, entirely based on your idea, with the added more elegant trigger that was missing :

alias: Hide iPhone co notification
description: 'Trigger at iPhone Login attempt failed notification, to remove that notification'
trigger:
  - platform: event
    event_type: call_service
    event_data:
      service_data:
        title: Login attempt failed
        notification_id: http-login
      domain: persistent_notification
      service: create
condition: []
action:
  - service: persistent_notification.dismiss
    data:
      notification_id: http-login
mode: single

It triggers on any persistent notification creation with title = Login attempt failed and notification id = http-login, which correspond to what I get often as well when I launch the HA app on my iPhone.

Pros :

  • No more Login attempt failed notification !
  • It’s clean as it only tigger on http-login notification, and it’s the only thing it remove
  • Login attempt failed are still visible in HA logs as WARNING

Cons :

  • No more Login attempt failed notification at all of any kind ! You will only be aware of any failed login (proper or malicious) if you happen to go check HA logs. Only apply this solution if you’re confident enough in HA security you’ve set (proper password, ip_ban_enabled: true, double authentification, https from outside, … ), and if you’re sure you only have an issue with that specific case of the iPhone application.
  • It’s not a fix to the actual issue, stay aware of ip_ban_enabled: true, I recommend setting login_attempts_threshold at least to 10, I once had my iPhone ban at 5…
1 Like

I had a camera (xiaomi vacuum map extractor) on main tab. I moved it to another and problem disappeared. I figured out it from nginx access log, it can help you to understand this behaviour.

1 Like

Had the same issue and i could fix it for me.
I deleted the „Mobile App“ integration for this device in home assistant and login errors were gone.

After this i reinstalled the iphone app and everything was as it should be

1 Like

My automation stopped working few months ago …
Here is the one I’m currently using (Source : WTH are those Login Attempt failed? - #85 )

alias: Hide Notification http-login
description: 'Trigger at Login attempt failed notification, to remove that notification'
trigger:
  - platform: state
    entity_id: persistent_notification.http_login
    to: notifying
condition: []
action:
  - delay:
      seconds: 1
  - service: persistent_notification.dismiss
    data:
      notification_id: http-login
mode: single

From various feedback I could match with my case, the issue seems to be related to HA trying to refresh a remote connection before it has itself finish authenticating. In my case, I get the notification when the application opens back to the lovelace page with my vacuum map (a HA camera), either after a full shutdown of the app or a connection change

Here’s a slightly better (more targeted) automation which will automatically dismiss any notifications for failed login attempts based on a specific ip address. Just be sure to update the ip address in the value template for the device that is causing the issues. This may not work if your device changes ip addresses, but you could change the condition to an “or” condition and add more template conditions to dismiss login failures for other ip addresses.
I hope this helps!

alias: Dismiss local login failures
description: ''
trigger:
  - platform: state
    entity_id:
      - persistent_notification.http_login
    attribute: message
action:
  - service: persistent_notification.dismiss
    data:
      notification_id: http_login
mode: single
condition:
  - condition: template
    value_template: >-
      {{ "10.0.7." in state_attr("persistent_notification.http_login",
      "message") }}

3 Likes

very cool!

@meichthys , I have super minimal coding knowledge so this may be a silly question, but how does one input sever IP addresses? can this be done in the same command or do I need a new automation per IP address?

thx!

Z

Is this solved for you guys here with the latest release 2023.2?

1 Like

You know what?

I hadn’t actually noticed, but I think it is!

Unfortunately for me, this has still happened on my wife’s iOS companion app :frowning:
I just realised though, that she does have different permissions linked to her user account. Wondering if it might have something to do with that. I never have this re-authorization issue myself :man_shrugging:

I just had this with the macOS app as well. My App integration had both the iOS and macOS entity. Only after deleting both (I did first iOS, then macOS) the erroneous notification went away.

It seems that this can still happen, I was fighting with this yesterday on a new (and repeated) installation of HA as well as the iOS app. The log on the iOS app showed that the “refresh token” was rejected. Deleting and re-installing the app on the phone did nothing, but deleting the app on the phone, removing the iPhone 13 Mini integration (in my case) on the Integrations page, and then re-installing the app did the trick. It was interesting that it even persisted across a new installation of the phone app (all data of the app is deleted in that case) and even a new installation of HA as long as the iPhone didn’t get the app removed as well – both parties involved keep data they shouldn’t keep).

So, what helped in my case: delete (not just remove from Home Screen) the app on the phone, remove the integration for the offending device on the Integrations page. Re-install the app from the app store, log back in.

I just had this today on 2023.5.1 - I will try deleting the app and re-installing. Thanks for posting your solution.