Message "Login attempt failed"

Hi,
I got this message in my Home Assistant UI a few times a day:
Login attempt failed: login attempt or request with invalid authentication from 172.30.33.2

I think its the IP from the local API. But what can cause this problem?

Thx for helping

1 Like

if your normal IP addresses follow the format 172.30.x.x then it’s local.
If they don’t follow this but tend to follow the default 192.168.x.xm then someone has found your HA server and is trying to log in.
Set up ip_ban_enabled at the very least. you may also want to review your security setup

I have the exact same message.

Thanks for reply.
My Local IP is 192.168.x.x
But 172.30.x.x Is also a local address range. So I dont think its “someone how found my HA”.

I upgraded today to HassOS on Raspberry Pi 3.
Before I was running the old Hass.IO image. There I got the same message but with a little different IP: 172.30.33.0

So I think the problem cause by an hass.io addon using the local API

172 is the docker container - not a hack

2 Likes

Ok,
but what cause this issue??

are you using the new auth? Is legacy_api enabled? If the addon is using a legacy api with legacy not enabled it will cause it.

I was more commenting on the hysteria that you have been hacked.

YI think I’m not using the new auth system. This are my http settings. I read the developer Blog. Do I have to enable the new auth system If I’m using hass.io? I dont get it

   http:
      api_password: !secret api_password
      cors_allowed_origins:
        - http://192.168.2.25:7080
    ##  ssl_certificate: '/ssl/cert.pem'
    ##  ssl_certificate: '/ssl/fullchain.pem'
    ##  ssl_key: '/ssl/privkey.pem'
      trusted_networks:
        - 127.0.0.1
        - 192.168.2.0/24
      ip_ban_enabled: True
      login_attempts_threshold: 5

I’m not afraid of been hacked. This Message in the UI is just very annoying!

3 Likes

add 172.30.0.0/8 to trusted networks

You will be forced in 0.77 to use new auth I believe

3 Likes

Seems to work. Thanks a lot

1 Like

edit:
But it must be

172.30.0.0/16 or 172.30.33.0/24

You’re right. /16

can you please explain how/where to set this trusted network.
I’ve tried the following with no luck
in my configuration.yaml

under Http:
use_x_forwarded_for: True
trusted_proxies:
- 172.30.33.2
trusted_networks:
- 172.30.0.0/16
- 172.30.33.2

I first tried just the trusted network and that didn’t work so I tried trusted proxies…still getting
Login attempt failed: login attempt or request with invalid authentication from 172.30.33.2

i got this problem after update too .when i use google assistan (iftt=> Webhook)
i can’t set trust network like that coz i use mobile data net work it random IP.
Please help i saw it need to authentication in .ymal file but i can’t found it ( forgot what it is sth like longlife …)

After login into Hass click on your user icon. On the very bottom of the page you can create so called Long Live Token access. There is also a link, where you can find more info how to enable access…
But in your scenario I guess that its not your cell phone actually doing access?!

1 Like

Thanks!
i’ll test it out.
about phone access for controlling homeassistant like Light,door,and more.
before version 0.77sth, it’s work fine ( i use IFTT => google assistant=>Webhook ) Webhook need " (http://xxx.xxx.xxx.xxx:8123/api/services/homeassistant/light/turn_off?api_password=xxxxxxxx)"

I’ve got like the same issue with the login attempt failed error.
I’ve logged in with the “new” authentication on the app, but also filled in the legacy API password in the settings.
Everything seems to work just fine untill I sent a notification to my phone with actionable items.
As soon as I press one of the defined actions, I get a “login attempt failed” and the action does not get executed.

I have the same issue
there is also a bug open on github. but it seems no one looks into it

Are you guys using the iOS beta app?

I tried it also with the beta app. was still not working