Dual Authentication on Website

I have looked for this across the forum but not seen any reference.

Is there any plans to integrate additional authentication into Indigo web server. Thinking of Google Authenticator, Yubikey or DuoSecurity or something similar. When I look at Duo security I see there is an API that supports multiple servers and languages like Python.

As there is no ability to have multiple user accounts with Role based access, this would add an alternative layer of additional security to internet facing site.

Rgds
Ronnie

[jay (support)]

No, we have no plans for any other authentication except perhaps to change the authentication to be session based rather than HTTP digest.

We have multiple-user support on the feature request list though honestly it isn't very high in priority.

I might point out that while leveraging multi-factor authentication schemes makes security very tight, the single best thing you can do for secure access is to implement SSL access to your home automation system. The enhanced security going from an unprotected connection to a connection with SSL is far greater than going from an SSL connection to a multi-factor authentication scheme.

Many on the forum already have setup SSL connection - personally I, like several others, have setup Apache to do a reverse-proxy to Indigo's server; the far easier solution is to use the Prism Reflector as I understand it is a secure connection.

Adam