This is the forum archive of Homey. For more information about Homey, visit the Official Homey website.
The Homey Community has been moved to https://community.athom.com.
This forum is now read-only for archive purposes.
The Homey Community has been moved to https://community.athom.com.
This forum is now read-only for archive purposes.
How secure/safe is Homey?
G4nd41f
Member
I have installed a Nuki Smart Lock in my home and think about giving Homey access to it. However, I do have some concerns about security and how anyone else but me could enter my home. My plan was to use Tasker as soon as my mobile connected to my Wifi, to change a Better Logic variable (as seen in https://forum.athom.com/discussion/996/tutorial-using-tasker-together-with-homey/p1), which triggers a flow that opens my entrance door. Would you do that?
I see the following risks:
-Someone could steal my phone and would have access to my flat, but he would also have that if he stole my keys.
-Someone could access my Homey and open my door. I chose a long password with upper/lower case characters/numbers/special characters for my Athom account, which I feel to be safe. But as far as I understand, that information is not directly used to access Homey. It is only used to authenticate myself to the Athom servers, which forward me to my Homey with a security token. What if someone gained access to that security token and the Homey ID? How safe is the connection to the Athom servers and from them to Homey? What if the Athom servers would be hacked?
-Someone could manipulate my Android phone to make it change the Better Logic variable to open my door.
Am I too paranoid? Is any of the lower two scenarios realistic? What risks do you see?
I see the following risks:
-Someone could steal my phone and would have access to my flat, but he would also have that if he stole my keys.
-Someone could access my Homey and open my door. I chose a long password with upper/lower case characters/numbers/special characters for my Athom account, which I feel to be safe. But as far as I understand, that information is not directly used to access Homey. It is only used to authenticate myself to the Athom servers, which forward me to my Homey with a security token. What if someone gained access to that security token and the Homey ID? How safe is the connection to the Athom servers and from them to Homey? What if the Athom servers would be hacked?
-Someone could manipulate my Android phone to make it change the Better Logic variable to open my door.
Am I too paranoid? Is any of the lower two scenarios realistic? What risks do you see?
Comments
But everything is hackable. The change you will have a hacker in front of the door at midnight is much smaller the a bucket with a klopsleutel or a brick.
My danalock reports back in when it gets turned open. So for me it's much safer then a normal key lock that doesn't report a key turn