Two-Factor Auth on TCC App

All Honeywell Home evohome general discussion in here! *PLEASE NOTE* Official Resideo technical support is on 0300 130 1299.
Post Reply
JonW
Posts: 1
Joined: Tue May 18, 2021 10:24 pm

Two-Factor Auth on TCC App

Post by JonW »

Is there an option somewhere to enable two-factor authentication for the TCC app? I cant find it anywhere, and concerned that my boiler controls are protected by just a password. Given that the app provides control for home security systems, this kind of application security must be possible somewhere?
Top
User avatar
Richard
Site Admin
Posts: 1199
Joined: Fri Jun 10, 2016 4:08 pm
Location: Mid Wales
Contact:
Contact Richard

Re: Two-Factor Auth on TCC App

Post by Richard »

Two factor is present on the evohome security side, but none of the heating control apps I know of have two factor?
Home: 2012 Built Oak & Timber Frame Home (EPC Score 95 - A Rated)
Renewable Tech: GSHP, Solar Thermal, Solar PV & 20kWh Battery Storage
Smart Home Platform: Home Assistant, Shelly & Salus Smart Home
Top
mrlm
Posts: 2
Joined: Fri Dec 08, 2017 9:59 am

Re: Two-Factor Auth on TCC App

Post by mrlm »

The website does use Multi factor Authntication - the security system is controlled by a second username and password you have to use after the first one.

While this isn't as good as a rolling code MFA system, from an IT security point of view there is absolutely nothing wrong with sensible password usage.

If you reuse a password inappropriately you are at risk from a flawed system design which has plaint text password in a DB that gets leaked which can the be tried on other systems. If you don't do that then Honeywell would have to suffer the leak in two separate systems which is unlikely to happen. Providing their design is sensible it cannot be brute forced even with access to the hash.
Top
Post Reply

Return to “Honeywell Home evohome”