I understand those options but none of them secure the traffic from the end node to the device. I just want an option to flip a button and have http redirect to https. And the ability to upload my own cert for https
All good. We disagree on some points and that's OK too. Security is not a waste for sure. I'm an IT consultant and do the preach and teach dance with my clients all the time. So few follow and some pay for their mistakes.
Having the ability to secure one's network environment is what many of us possess, but that's not common. We're not the average consumer, who often just want simplicity and that's a tough balance.
3 Likes
I can agree that something like MFA can use a lot of engineering cycles to get going and the userbase that used it would be pretty small. However I have seen numerous post about HTTPS and redirects with almost no responce from HE (that I recall seeing)
I cannot say for certain as I haven't personally dug into The exact architecture of the HE but typically enabling https redirect and doing some lightweight cert management (determine if its a valid cert before accepting) is typically not something that would require a huge push from a development team and has a huge bang for buck as far as security posture goes.
Again the everyday user might not use the features. But the feedback that this topic has typically gotten has been, build an reverse https proxy server. Or VLAN the device and reduce access. (Proving the active community is not the everyday user) Which are vastly more technical than click a box be more secure(and suffer some nagging from your browser)
The system runs a https site already. Why should we need all of these other hoops to use it exclusively.
Sorry @pforlini for hi-jacking this thread completely. Being a privacy minded person is what drove me to HE..local control. I am just trying to get some more of the basic security to go along with it.
@Hasty1 no worries. I dint think this topic would get so much interest. But I can say I was surprised I did not see other posts about it. As with any great platform certain things should be optional. I work in the IT industry myself and as some suggested MFA and Https are now baseline security protocols.
I think some are a little misled about how much of a Pita MFA would be. I use almost 10 plus services with MFA and most rarely bother me. The main protections would be for new signins or signins from unknown locations.
Let me say by how blown away I still am with the hubitat platform coming from wink, and seriously smartthings.
I am recommending this to anyone who takes home automation seriously. That being said I think adding some of these security protocols would make the platform even better.
For most wanting to fully automate as much as possible having any locks and garage doors etc would make security of the platform very critical. Even if you have a well protected lan behind a firewall , there have been newer attacks that can infiltrate wifi networks with baseline security. Security is about layers, and adding a layer to a platform that controls security would make sense to me.
Eager to see what others have to say and what the future holds for this platform. I know I'm just getting started.
2 Likes
Hey! 
I missed that reply before. Just you. I’ll trail off mid sente....
1 Like
Well played sir! Well played.
S.
1 Like
It was just a couple of us being goofs. Chuck changed his to regular, so I changed mine to diet.
But where do you go from Diet? I may just switch back to regular, unless someone has a better suggestion.
And watch yourselves. 
This is a family channel! 
"With Real Cane Sugar" would seem like the obvious response. I mean diet Pepsi to throwback Pepsi with real cane sugar!
S.
1 Like
No Lead
1 Like
You mean without 82Pb, or I should just get to the point more often? 
1 Like
Like before MTBE. As a euphemism for:
Coffee without caffeine
Drink without alcohol
etc
Note: I cannot be held responsible for things that just pop into my head 
2 Likes
MFA would be a great option. I would definitely use it. I don't find MFA to be a pain at all it takes so little effort and adds a much better layer of security. Unfortunately security is like insurance its better to have it and not need it then need it and not have it.
