WTH Why can’t I do a password reset when I forget my HASS password?

This will be possible in the next release (0.115), admin accounts can change password directly from the UI.

Password-Change-Demo-HA-115

15 Likes

Talk about quick work. That was all of 11 minutes to get done. :rofl:

Haha, I can’t take credit for that, was actually added to developer builds a couple days ago.

0.115 is going to be a very epic release :slight_smile:

1 Like

Looks good - and @hanerd you’re right - I’ve actually been deleting the user and recreating it with their desired password.

What I would still like is password reset for those who can’t remember their password - ie, they get a new phone, open HASS and can’t remember. At that point, I’d like a password reset function they can manage themselves.

Having said that, at least a change password option in 0.115 is a step forward!

Thx
JP

So why then have any password at all if a user can just click ‘forgot password’ and then login anyway… great security!

Why don’t you set up trusted networks/users? You can probably do what you need to via that.

Um… Am I missing something? Many websites have a “forgot password” function and are secure. I’m not asking for anything controversial here.

and they require some kind of validation like an email to be sent…

I think that’s implied in the request. What could work is using a notify platform (e.g. notify.mobile_app) to send a verification code to an already authenticated device that could then be input to reset the password.

Is that why there are no beta release notes this month? (keeping us in suspense!) Unless the URL has changed…?

there is no beta till next Wednesday
see here
Home Assistant Developer Docs | Home Assistant Developer Documentation
They seem to have changed it again and it’s now Monday for the beta to start…
image

1 Like

Oh… Have they moved away from 3 week releases again?

(Sorry to sidetrack this thread)

nah, i think its to coincide with birthday

Beta should have started last week so they pretty much skipped a whole cycle…
(You can scroll down and see 0.116 release and beta as well)

So a bit off-topic, but the cycle has been extended for two weeks, one-time only. So, 0.115 is a one-time 5 week cycle. Reasoning for that is A some big feature we want to get right, B our birthday and C WTH. After that the normal 3 week cycle returns. Because of the size of the 0.115 release, we’ll be running a longer beta as well (1,5 week).

6 Likes

Thanks for the update Frank. I just like to tease myself reading the upcoming release notes :slight_smile: I’ll stop diverting this thread now :zipper_mouth_face:

1 Like

Seeing that this is solved in the next release, I’m closing the thread.

I don’t agree, the WTH still stands IMO.

Why can’t I do a password reset when I forget my HASS password?

With 0.115+ you can easily reset passwords for other users, and there is a CLI option for owners to use.

So far, so good :+1:

But we have the person integration now, that ties a user and a device tracker (usually a phone).

Most phone trackers also have push capabilities, there must be a way that we can securely request a password change by utilizing that route?

2 Likes

Ah ok, makes sense. Open it is. EDIT: I’ll remove the solution then too.