Hi All / @travisghansen .
No doubt you’ve seen the latest security disclosure, …
https://community.home-assistant.io/t/disclosure-supervisor-security-vulnerability
Out of interest, how are credentials stored? plain text? some sort of encryption ? … this vulnerability allowed remote access/ owning the system. Any system using external access could have been compromised.
I’m going to change every password anyway, and consider not exposing HA at all anymore, but just curious how it works as this is the only integration I use that has an admin login.