@anakinsbrn, @MissyQ
Let me describe it better for you:
I own a house and I have integrated a lot of smart stuff in it:
Lights, Covers, Garage Gate, Door Locks, Heating System (heat pump, thermostat, etc.), Alarm Panel and security sensors, Security cameras, Robot Vacuums, Multimedia, and so on. I use Home Assistant to have a centralized Control and Automation System.
As an “installer”, “admin”, “maintainer” and “the main user” of the system I understand very well how the system functions, how to change and modify things and also know how “not to break” it or fix it if it breaks. Obviously I need to have full control and access to everything in the system.
My family also enjoys our smart home. They like the convenience of automated climate, doors, gates, lights. But sometimes they need to control things on demand. One example would be: change light colors. Another one: change mode and temperature of the ventilation system. Yet another one: request more hot water from the heat pump. For some of these actions I have installed dedicated controls: buttons, switches, etc. But a lot of controls and also automations are possible only via a rich GUI. In our case it is the Home Assistant mobile app.
I have designed a number of dashboards for my family to use, everyone likes it, end of story.
But there are some issues related to the current implementation of HA:
- Not all my smart devices are equal. Some are there for fun (multimedia) or for comfort (lights, climate). Others are needed for proper house operation (ventilation system, heat pump, boiler, circuit breakers, sensors, etc.). Some are critical for my family's safety and my property's security (alarm system, cameras, locks, garage gates, etc.).
- By installing the Home Assistant app on my family members' devices I virtually grant those devices full control over each and every device. This includes critical infrastructure and security systems. Custom dashboards explicitly expose controls for some of the devices and entities, but other “critical” devices and entities are “visually” hidden. Not secured, not protected, just hidden. And the bad thing - there is still access to them through the app. Via search, via history, via hacking into the backend with the least privileged “kid” user credentials.
- Mobile devices can and will get into the wrong hands. Sometimes people lose their phones, sometimes classmates or friends get unauthorized access, sometimes hackers get remote control over them. Anyone who gets access to a phone with the HA app connected to my Home Assistant can open my garage door or any door lock, turn off circuit breakers, damage my heating system, turn on the alarm siren, and do a lot of bad things to my property. It is really easy in the current HA app. Also, if it were hidden at the UI level but accessible at the backend, a malicious actor would still be able to do damage with the least privileged “kid” account.
- My kids are explorers. If there is any way to break into “hidden” settings - they will get in. They will poke around. They will break things. This is OK. It is my responsibility to set up the system properly and protect critical infrastructure. I expect HA to help me secure that. It does not.
I need HA to help me really protect what needs to be protected: critical devices, configs, automations.
Security through obfuscation or through hidden UI elements will only get you so far. Proper Access Control at the backend level is A MUST for HA to be considered “Family friendly”; I’m not even talking about business use-cases. Today HA, as is, is unfortunately just an “admin-only” system.
Until proper Access Control is implemented, unfortunately there is only one option: block all users except admin and uninstall the HA app from my family members' phones. It’s a major drawback.
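
The difference between hiding a control and enforcing access at the backend, as an added example that is not part of the original post and not Home Assistant code. The entity ids, roles, tiers and function names are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Constructed entity ids, grouped like the post's three device classes.
ENTITY_TIER = {
    "light.living_room": "comfort",
    "climate.ventilation": "infrastructure",
    "switch.circuit_breaker": "infrastructure",
    "lock.front_door": "security",
    "cover.garage_gate": "security",
}
# Hypothetical roles: tiers a role may control, plus single-entity grants.
ROLE_POLICY = {
    "admin": {"tiers": {"comfort", "infrastructure", "security"}, "entities": set()},
    "kid": {"tiers": {"comfort"}, "entities": {"climate.ventilation"}},
}

@dataclass(frozen=True)
class User:
    name: str
    role: str

def is_allowed(user: User, entity_id: str) -> bool:
    """Deny by default: unknown roles and unknown entities get no access."""
    policy = ROLE_POLICY.get(user.role)
    tier = ENTITY_TIER.get(entity_id)
    if policy is None or tier is None:
        return False
    return tier in policy["tiers"] or entity_id in policy["entities"]

def call_service_ui_only(user: User, entity_id: str, service: str) -> str:
    """Hiding model: the backend runs any call a logged-in user sends."""
    return f"{service} executed on {entity_id}"

def call_service_enforced(user: User, entity_id: str, service: str, audit: list) -> str:
    """Enforcing model: one check, whether the call comes from a dashboard,
    search, history or a raw API request."""
    if not is_allowed(user, entity_id):
        audit.append((user.name, entity_id, service, "denied"))  # reviewable trail
        raise PermissionError(f"{user.name} may not control {entity_id}")
    audit.append((user.name, entity_id, service, "allowed"))
    return f"{service} executed on {entity_id}"

def visible_entities(user: User) -> list:
    """The dashboard is derived from the policy, not the other way round."""
    return sorted(e for e in ENTITY_TIER if is_allowed(user, e))
```
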