Safely access HA from anywhere?

How do you handle accessing Home Assistant from wherever you are, using the companion app?

I can set up a VPN connection on my phone, but I’d have to keep it always on, to receive notifications from Home Assistant.

I can port forward Home Assistant on my router, but that would open the login screen to the whole internet. I would use a strong password, but is that enough?

What other options are considered safe, to keep the companion app connected to Home Assistant?

Nabu Casa

Alternatively, VPN on demand using Pushover, SMS or other for notification.

I personally wouldn’t expose ports.

Regardless of the route you go, I would create an automation to persistently notify you on a bad login attempt.

I’m using the Cloudflared Add-on, and it’s working just fine.
There are tutorials on the web.

Doesn’t the Nabu Casa option also expose the HA login screen to the internet? Is there any special layer of security when using Nabu Casa?

Not sure about that… but I would do notifications on failed login attempts.

You can also set up MFA.

but I’d have to keep it always on, to receive notifications from Home Assistant.

Not necessarily, depending on the notifications you want.

You can install the HA app and have HA send notifications to your phone from automations. That part works without a constant VPN connection (and without Nabu Casa).
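
The failed-login alert suggested in the replies above, sketched as an added example that is not part of the original thread. It assumes Home Assistant's built-in `http-login` persistent notification for failed logins; `notify.mobile_app_my_phone` and the automation id are placeholders to replace with your own.

```yaml
# configuration.yaml (fragment) -- added example, not from the thread
http:
  # Ban a source IP after repeated failed logins; bans are written to ip_bans.yaml
  ip_ban_enabled: true
  login_attempts_threshold: 5

automation:
  - alias: "Alert on failed login attempt"
    id: alert_failed_login            # hypothetical id
    mode: queued                      # keep every alert during a burst of attempts
    trigger:
      # Assumption: Home Assistant raises (or updates) a persistent
      # notification with the id "http-login" when a login attempt fails.
      - platform: persistent_notification
        update_type:
          - added
          - updated
        notification_id: http-login
    action:
      # Placeholder service name: use the notify service of your companion app device
      - service: notify.mobile_app_my_phone
        data:
          title: "Home Assistant: failed login"
          # Forward the text of the built-in notification, which names the source address
          message: "{{ trigger.notification.message }}"
```

The push notification is delivered through the companion app's own channel, so it arrives whether or not the phone's VPN is connected at the time.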