2FA MFA for HE mobile app

Is there any effort to implementing 2FA or MFA into the HE mobile app?

it seems that it would be pretty easy to brute force users accounts.
support for FIDO2, U2F, Smart card, OTP, OpenPGP 3 would make the app much more secure.

once authenticated you could give an option for the app to be remembered so that MFA is only asked once. or once a month or once a year. etc...

Im wondering if failed logins to the app logs the users account or is it give unlimited tries to guess the password.

Since the user name and password is a hubitat.com user i would suggest also allowing an option for 2FA, MFA with the hubitat.com login also.

if I'm off on how i understand this please let me know.

2 Likes

It’s been asked about a few times over the years, and at some point it was said it was added to the list. However given how small the Hubitat team really is, I don’t think it is a very high priority. I also would like to see this added at some point.

2 Likes