HTTP to HTTPS Redirect

    I'd like to make sure that only HTTPS is used for my HS instance. I know I can blank out the "Server port" setting and only leave "SSL Server port" configured.

    This would ensure that no one gets through unless they remember to put https in front of their URL. However for a more elegant solution I'd like to be able to automatically point anyone going via port 80 to be readdressed to https over 443 instead.

    One way to do this could be to use the "refresh" meta tag but I can't work out how I would do this only for port 80 requests.

    Has anyone else done something similar or have good ideas how to achieve this?

    Thanks
    NicolaiL
    Nicolai L
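
One way to get the redirect asked about above is a small listener on port 80 next to HomeSeer, with HomeSeer's "Server port" left blank so the port is free. This is an added example, not HomeSeer functionality or code from the thread; `hs.example.net`, `https_location` and `RedirectHandler` are assumed names.

```python
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

CANONICAL_HOST = "hs.example.net"  # assumption: the name on the HTTPS certificate
HTTPS_PORT = 443                   # the "SSL Server port" value


def https_location(request_target: str) -> str:
    """Build the https:// URL for a request target received on port 80.

    The host is taken from configuration, never from the client's request,
    so the listener cannot be used to bounce visitors to another site.
    """
    # Control characters or spaces in the target: fall back to the root page.
    if any(ord(c) < 0x21 or ord(c) == 0x7F for c in request_target):
        request_target = "/"
    try:
        parts = urlsplit(request_target)
    except ValueError:
        parts = urlsplit("/")
    # Any scheme or host in the target is discarded; only path and query survive.
    path = "/" + parts.path.lstrip("/")
    query = "?" + parts.query if parts.query else ""
    port = "" if HTTPS_PORT == 443 else f":{HTTPS_PORT}"
    return f"https://{CANONICAL_HOST}{port}{path}{query}"


class RedirectHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(301)
        self.send_header("Location", https_location(self.path))
        self.send_header("Content-Length", "0")
        self.end_headers()

    do_HEAD = do_GET

    def do_POST(self):
        # A form posted to port 80 has already crossed the network in clear
        # text; refuse it so the mistake is visible instead of redirecting.
        self.send_error(403, "Use HTTPS")


if __name__ == "__main__":
    # Binding to port 80 normally needs administrator/root rights.
    HTTPServer(("", 80), RedirectHandler).serve_forever()
```

The redirect only helps once the browser follows it: the first request to port 80 is still unencrypted, so bookmarks and links should point at the https URL directly.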

    #2
    I'd like to do this as well. I cannot find the option in HS. Is this possible now or on the road map for a future release?



      #3
      Please don't take this the wrong way but why is this needed?

      Do you have data on Homeseer that is so sensitive that you don't want it intercepted?
      Jon



        #4
        Just my login credentials... actually just the password. I prefer not to have to memorize yet another unique password, so I would like it encrypted.



          #5
          Originally posted by jon00
          Please don't take this the wrong way but why is this needed?

          Do you have data on Homeseer that is so sensitive that you don't want it intercepted?
          Yes... I think we all do...

          Homeseer logs could tell people when we are not home, or home if they are looking to do harm to us.

          Also pranks are pretty easy to pull, and you certainly don't want someone logging in and just playing with things.

          If you're not worried, send out your password and let some of us "tinker" with your system, and you'll see very quickly that someone could cause you a lot of pain.

          The likelihood that someone will do this is not very high, but the damages caused could be very bad depending on what you have homeseer capable of doing. From turning on gas fireplaces, to cranking up your heat or unlocking doors, yes this stuff is worth protecting.


          Would you leave the key to your house on a string from the door knob? It's that easy to get your password on a non SSL connection.
          Joe (zimmer62)

          BLSecurtiy, AC-RF2, RCS Serial Thermostats, RFXCOM SMarthome SwitchLinc, mcsXap, Global Cache GC100, SqueezeBox, TWA_ONKYOINTEGRA, BLLogMonitor, BLPlugins, BLRadar, BLSpeech, BLZLog.aspx, HSTouch (Windows, iPhone, iPod), USB Mimo touchscreens, VMWare Server, Vortexbox, Windows Home Server, MyMovies, Windows Media Center, X10, ZWave, and much much much more.



            #6
            Originally posted by zimmer62
            Would you leave the key to your house on a string from the door knob? It's that easy to get your password on a non SSL connection.
            Well said!
            Nicolai L



              #7
              Originally posted by zimmer62
              Yes... I think we all do...

              Homeseer logs could tell people when we are not home, or home if they are looking to do harm to us.

              Also pranks are pretty easy to pull, and you certainly don't want someone logging in and just playing with things.

              If you're not worried, send out your password and let some of us "tinker" with your system, and you'll see very quickly that someone could cause you a lot of pain.

              The likelihood that someone will do this is not very high, but the damages caused could be very bad depending on what you have homeseer capable of doing. From turning on gas fireplaces, to cranking up your heat or unlocking doors, yes this stuff is worth protecting.


              Would you leave the key to your house on a string from the door knob? It's that easy to get your password on a non SSL connection.
              I was hoping for a response like this! The board has become stagnant lately and needs a healthy debate.

              I'm not disagreeing with you, however it's all about assessing the risk. I so rarely log in to Homeseer remotely that I accept this risk. I would also predict that 99% of Homeseer users do not use SSL and I have never seen a report of a password interception breach since I joined these forums. I'm not saying this is right or wrong and everyone has to assess their own risk.
              Jon



                #8
                How easy is it to hack someone's sign-on? userid/psw? I thought that this was pretty secure....



                  #9
                  Originally posted by jon00
                  I was hoping for a response like this! The board has become stagnant lately and needs a healthy debate.

                  You must be feeling much better Jon, you seem back to your ole self.
                  Marty
                  ------
                  XPpro SP3 /w HS Standard 2.5.0.80, HSTouch Server - 1.0.0.70, HSTouch Client 1.0.0.73 HSTouch Android - 1.0.0.2, HSTouch iPhone - 1.0.0.2
                  Playing with HS3 a bit but it's just play at this point.



                    #10
                    Originally posted by nightwalker
                    You must be feeling much better Jon, you seem back to your ole self.
                    Yes thanks, I'm back at work now after two weeks off and my sporadic visits to the board.
                    Jon



                      #11
                      zimmer62 is correct.

                      These HS options would be good to have.

                      http: off, on, on and redirect to https
                      https: off, on

                      There could also be an option to just encrypt login credentials but that would require far more work than just adding an option to redirect to https.



                        #12
                        Originally posted by AdamH
                        zimmer62 is correct.
                        I never get to hear that... haha... thanks... feels good when you're wrong most of the time

                        Originally posted by AdamH
                        These HS options would be good to have.

                        http: off, on, on and redirect to https
                        https: off, on

                        There could also be an option to just encrypt login credentials but that would require far more work than just adding an option to redirect to https.
                        Excellent ideas. I usually just connect to my ssl ports, but as Jon said, I'm not really that worried about the data... "who cares when my sump pump is running etc.." SSL is needed mostly for encrypting my password.

                        I'd like to request the next version of homeseer be built more around a security model than as an afterthought.

                        It would be nice to apply different security concepts to devices, events, events that have permission to control devices that a user does not etc... There is a huge possibility here, and right now it's either all, nothing, or view only.

                        I'd certainly like to be able to share some things and not others with the world, and give permission to certain things based on credentials.

                        Sorry, that's outside the scope of this thread, just got sidetracked....

                        SSL redirect is a good idea... I'm not worried about the CPU usage of SSL on my machine because I don't have many many people connecting to it at once so the performance hit is minimal. One thing to consider is I don't care if it's encrypted inside the house... probably faster if it's not.

                        Another side note... could homeseer support http compression? It's been a standard for over 10 years, I think almost all browsers support it.

                        Sorry, the ADD is kicking in full force today.
                        Joe (zimmer62)

                        BLSecurtiy, AC-RF2, RCS Serial Thermostats, RFXCOM SMarthome SwitchLinc, mcsXap, Global Cache GC100, SqueezeBox, TWA_ONKYOINTEGRA, BLLogMonitor, BLPlugins, BLRadar, BLSpeech, BLZLog.aspx, HSTouch (Windows, iPhone, iPod), USB Mimo touchscreens, VMWare Server, Vortexbox, Windows Home Server, MyMovies, Windows Media Center, X10, ZWave, and much much much more.
