What means "Insecure secrets in ..."?

I’m getting an error for my Spotify secret. I changed it, and I still get the error. I took my secret to haveibeenpwned.com and I don’t get a warning on the site. Something seems wrong.

I tried that solution, but in that case I receive a notification that a notification has been blocked, so not useful…

Thanks anyway.

As suggested by @123, I have blocked (temporarely?) api.pwnedpasswords.com via AdGuard coming from HA IP

1 Like

Do you see the comment at the end of the automation?
“Remove this after testing?”

Did you remove “this”?



I haven’t noticed the comment and the code to remove…

I will try now.

1 Like

May I ask how you did this?
I have installed Adguard in HA and added api.pwnedpasswords.com and haveibeenpwned.com to the custom filters section but I am still getting the nag notifications.
am I missing an install step in Adguard or putting the site in the wrong section?
Thank You.

I’ve solved using this code:
and removing the code after the comment

# Remove this after testing :-)

My Adguard problem was down to my stupidity. Would have helped if I had pointed HA IP4 DNS entry to the same IP as HA (which of course Adguard is running on).

I tried to change the mosquitto password, but it doesn’t work (also changed in mqtt devices) I tried to uninstall and reinstall the addon but it doesn’t work. Anyone have a solution? Maybe you need to delete some files, but I don’t know which one. (sorry for my English)

I had to play around with it too.
Try removing the user password option in the MQTT configuration. Then either set up a new HA user or use another HA user credentials. The broker allows access to all home assistant users.

Thanks, it worked.

1 Like