Securifi Community Forum

General Category => Ideas/Feature requests => Topic started by: dmwyatt on January 22, 2015, 09:54:45 am

Title: Enhanced Remote Control Security
Post by: dmwyatt on January 22, 2015, 09:54:45 am

Considering the damage some nefarious person could do by hacking into the Almond + system and screwing around with the devices controlled by home automation (locks, thermostats, etc.), I would love to see some sort on enhanced security that would only access only to approved devices.  I envision it something like Facebook uses - when an unknown browser/app attempts to log in, even with proper credentials, it is stopped and a text/email is sent to the registered owner to approve the new device. A unique PIN is then generated which the new device would have to use to gain access.

Title: Re: Enhanced Remote Control Security
Post by: eldaria on January 22, 2015, 10:03:52 am

2-factor authentication.
There is a PAM module for using Google Authenticator, could perhaps be used for increasing the security on the router and cloud.
A quick search indicates that there are some work in progress on adding this to OpenWRT so not to far fetched.

Title: Re: Enhanced Remote Control Security
Post by: mparadis on January 22, 2015, 11:55:39 am

Two factor sounds good to me.

Title: Re: Enhanced Remote Control Security
Post by: j8048188 on January 22, 2015, 01:27:15 pm

I'd love 2-factor if it worked the same way as Google Authenticator (TOTP). I don't like the confirmation email thing that Steam does.