Hey guys
I recently bought a yubico security key and now I’m searching for use cases. How about integration of WebAuth into home-assistant?
Some general information on FIDO2:
Here is a python library:
I don’t know much about how the auth provides in HA work. The last time I checked that part of the code, it was based on the what is now called legacy password. How much work would this be? I’m not a security guy but could it be an evening project for me?
This would be great to have as possibly a module with a hard requirement of Let’s Encrypt (or other TLS solution) as FIDO2 requires HTTPS (https://fidoalliance.org/developers/).
Could this be edited to feature request?
I actually should pick up on this, I already hat some prototype, but I never quite got it to work. Maybe I have the will to give this a second try soon, as I just lost my job and hove some time at hand xD
I hate to ask, but did anything happen?! 
I’m just looking to expose my HA to the internet and wondering about how others do it securely. Currently looking at CloudFlare Argo tunnel/Pomerium/X!
Logging into HA is different than exposing it to the internet. The built-in auth system (and built-in 2fa) should be secure enough.
No, I didn’t do shit …
Well, it’s kinda one and the same if you are trying to do BeyondCorp. But yes, I get your point
Being able to add the auth through something like Pomerium would be beneficial
I would like to help could you publish your existing code on github?