Can a device be secured with a password?

I am thinking about controlling my garage door by using an MHCozy momentary relay.

This device shows up in devices as a generic Zigbee switch and has a momentary mode as well as a switch mode.

I am concerned about bad actors gaining cloud access to my Hubitat hub and opening my garage door. (So far, I have not put any devices that compromise security or risk fire or the like.)

My question: is there a way that when I access the device, Hubitat asks for a password or pin before firing?

Another thought may be to have the device totally hidden from the devices list (and therefore inaccessible from the devices page) and make a rule that accesses the device but handles going through some kind of notification process or text message, like a two-step verification.

Any thoughts?

Thanks, Mark.
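The two-step idea in the question above, modelled as an added example (not part of the original post and not Hubitat code): a request only sends out a one-time code, and the relay fires only when that code comes back in time. The `fire` and `notify` callbacks, the 60-second window and the three-try limit are assumptions made for the illustration.

```python
import hmac
import secrets
import time

class ConfirmGate:
    """One-time-code gate in front of a momentary relay (a model, not Hubitat code)."""

    def __init__(self, fire, notify, ttl=60, max_tries=3, clock=time.monotonic):
        self.fire = fire        # hypothetical callback that pulses the relay
        self.notify = notify    # hypothetical callback that delivers the code out-of-band
        self.ttl, self.max_tries, self.clock = ttl, max_tries, clock
        self._pending = None    # (code, expires_at, tries_left) while a request is open

    def request(self):
        """Step 1: asking to open fires nothing; it only sends a fresh code."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending = (code, self.clock() + self.ttl, self.max_tries)
        self.notify(code)

    def confirm(self, attempt):
        """Step 2: fire only for the right code, in time, within the try limit."""
        if self._pending is None:
            return "no-request"
        code, expires_at, tries = self._pending
        if self.clock() > expires_at:
            self._pending = None
            return "expired"
        if not hmac.compare_digest(code.encode(), str(attempt).encode()):
            tries -= 1
            self._pending = (code, expires_at, tries) if tries > 0 else None
            return "wrong-code" if tries > 0 else "locked"
        self._pending = None    # single use: a replayed code finds nothing pending
        self.fire()
        return "fired"

def demo():
    """Constructed run with a fake clock: early, wrong, right, replay, timeout."""
    now = [0.0]
    sent, pulses = [], []
    gate = ConfirmGate(lambda: pulses.append(now[0]), sent.append, clock=lambda: now[0])
    out = [gate.confirm("000000")]              # nothing requested yet
    gate.request()
    wrong = "111111" if sent[-1] != "111111" else "222222"
    # wrong code, then the right code, then the same code replayed
    out += [gate.confirm(wrong), gate.confirm(sent[-1]), gate.confirm(sent[-1])]
    gate.request()
    now[0] += 61                                # let the second code expire
    out.append(gate.confirm(sent[-1]))
    return out, len(pulses)
```

The gate only helps if the code is delivered over a channel that someone with access to the hub cannot also read.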

It’s possible to protect dashboards with a PIN code, such as a dashboard with tiles for a garage door opener or a deadbolt.

But AFAIK there’s no way to restrict access to a device in the hub’s admin UI.

I don’t think this is possible either.

Just a couple of thoughts on this.
If you password protect your hub then for anyone to access the device that is connected to your hub they have to:

  1. Access your router.
  2. Access your hub.

To do both seems unlikely to me but I'm not a very techy person so I may be way off here.

I approach this a little differently. I have no Hubitat devices/hubs (as far as I know) accessible via the cloud. If there is anything I need to control remotely I export the device to HomeKit and let Apple handle it. “Should” work the same with Google Home, but I’ve not tried the Android side.

I am thinking this will require a lot more thought. Maybe I am being paranoid, but...

In any case, thank you all for your advice.

I see I am not the only one hiding out in front of my computer trying to avoid the cold outside.

Mark.

If someone is savvy enough to hack your WiFi and can figure out how to use HE, methinks they're on to bigger and better things, like infiltrating your network and connected computers/cellphones versus stealing your Honda or Javelin from your garage.

But to answer your question, no, you can't set a password on a device, but you can be clever. Name the device like "siren", "nightlight" or "lamp" so they have no idea. In addition you can create a PIN-protected dashboard, as others said, holding the incorrectly named device to further protect it.
You could also create a rule that turns on a siren if garage is opened and your or your wife's phones are not present, a kinda security system.

2 Likes

Yep, this... I've got emergency-level or high-level Pushover alerts tee'd up for all sorts of "this shouldn't be happening" stuff when we're both Away, including any manner of activity in our (detached) garage.

ETA - I've forever used Hub Login Security (password) for my Hubitat -- it's never been a hassle of any kind, and that gives me additional peace of mind security-wise.

2 Likes

This is for the local LAN though, right?

I think the OP was asking about cloud access.

No clue, tbh. I just figured "why not?", and since there's never been any butt-pain in result, I continue to use it.

2 Likes

For what it’s worth, I think the likelihood of being targeted by someone with criminal intent who lives close to your house, knows you use Hubitat, and is able to take advantage of some vulnerability in Hubitat’s cloud servers (which may or may not actually exist) to gain direct access to your hub’s connected devices like a door lock, so they can then get into your house and rob you blind, is almost zero.

And if you are at increased risk of targeted attacks like that due to the nature of your job, extreme wealth, public notoriety etc., then you’re probably not relying on an inexpensive, DIY home automation hub as a core component of your home security anyway.

5 Likes

Agree with all of this. I was just asking if the Hubitat Password did anything for the cloud since I do not use it. Anyone that I do not know who gets close enough to get onto my LAN is going to be challenged regardless (I live in the boonies). My understanding was that it just locks down the ability to open up the local instance without a password.

Yeah, AFAIK, that’s correct. Hub login security is for the hub’s web UI that can only be accessed locally by a direct connection.

I’ve never tried Hubitat’s remote admin service, so I don’t know if the login security is enforced when connecting through that.

Obviously, the remote admin connection itself is protected by a required login into one’s Hubitat portal account first, though.

I think the bottom line is that any hub with a connection to the outside world (or even the LAN) could theoretically become compromised, since the only way to guarantee against that is to avoid connecting it to any kind of IP network.

For most people, that trade-off isn’t worth the limitations in hub features and functionality that would be a byproduct of such a severe firewall/air gap approach.

2 Likes

It doesn't really matter if they can just use a coat hanger and open your door by tripping the disconnect on the opener rail.

They could also just smash a window, which would be quicker and easier than hacking your hub.

Even easier, they can cut a hole in the wall of your house and never trip any alarm. Many homes don't have much between the inside and outside, some just use a layer of styrofoam.

Yes, a bit. But I don't think it hurts to keep some things private, I don't expose every device to things like Alexa, for example. I only expose things like lights we commonly turn on. Alexa doesn't need to know the occupancy of every room, and if windows and doors are open, that is a bit creepy.

I hope I am not interpreting that sentence wrong...

I do not advocate for Hubitat to be a primary safety/fire system, but tying into that primary system can be valuable. For example I have interior and exterior lights turn on and the furnace turn off if the smoke alarms go off. Window and door sensors and locks can alert me if they are open/unlocked when they should not be. I have colored lights in the garage that warn if the overhead door is going to close and when it is fully open.

2 Likes

@CoolJavelin

I would also add that most people are not going to take the time to sit outside your home unnoticed trying to get access to your WiFi. Most people aren't going to know you have home automation, much less that you're using Hubitat. Only someone who has been in your home would likely know that. No, what's going to happen is they are going to either sit far away and watch you leave, then either use a pry bar or a rock to break a window. Then they're going to walk through your house to the garage and open it from the inside, then walk out with what they want.

2 Likes