Hi,
not a feature request for HA but for Nabucasa Cloud account administration.
Nowadays there shouldn’t exist publicly accessible services only secured by username/password but with MFA. Still, our Nabucase Cloud account admininistration is lacking MFA. Even thought I have access to:
Too much for not being secured with MFA.
Don’t forget to vote for your own request.
I’ve had it a couple of times where I had to login to nabu casa and remember thinking I am missing some 2fa layer. Definitely voting up!
How is this not a thing yet…should be number 1 on the list for security. Please give any updates.
Please, please, DO implement MFA. It scares me every time I login to this thing and am not asked for a 2FA authentication. Literally anyone in the world could login to my system, if they’re able to get hold of my password.
I was surprised there was not even TOTP as a possible option for 2FA. Please do implement this as soon as possible; I feel rather insecure using this service otherwise 
It is totally unacceptable that my complete HA environment is open to the world behind a username and password only.
This is exactly the reason why I now canceled my subscription (Even though I really would like to support Home Assistant).
I posted this discussion for over 2 years ago, still nothing happened. This is far too risky.
This is a showstopper for buying a subscription…
Agreed. I really love HA and Nabu Casa. But am seriously considering cancelling my subscription, because it’s such an egregious security vulnerability to expose my system to the entire world with simply a user ID and password. That’s really unacceptable in this day and age.
Same here; this is a biggie.
I decided to create a Nabu Casa account yesterday to support the project, and committed to a 1-year subscription before even looking at all the features offered after I logged in.
I was very surprised to see that the authentication settings didn’t offer MFA.
Wondering how this could be prioritized…
just signed up for the 1 month nabu casa trial - was extremely surprised there wasn’t an option for mfa. decided to search, as i was sure it existed and i was simply overlooking it… even more disappointed to find a 3+ year old ignored feature request for it.
it was already nabu casa vs cloudflare tunnel for me. i was leaning towards nabu casa simply to support the developers, but not sure i feel comfortable with my nabu casa cloud account missing this.
so am i, i just do not understand how it is possible to not mention it anywhere…
so no plan to support this vital feature?