To centralise Questions and Answers around Two Factor Authentication (2FA) with your Homey Account I suggest keeping one topic. This opening post will be updated if necessary. Ask your questions in this Topic!
Q: I lost my 2FA App/Phone and Can’t Login. (I have no backup of my Authenticator App)
A: contact Athom Support
Q: Is there a backup option for when I lose my Phone or App?
A: No, there is no backup option in the Athom 2FA Account.
Backup (of TOTP) can be implemented in the Authenticator App
or
as simple as screenshotting the QR code and storing it in a safe place for later install of the TOTP account in your freshly installed Authenticator App on a new phone.
When you say two users on one account, do you mean you have added a user via the Family settings or that you log in on two devices using exactly the same details?
If it is the Family option then they will remain logged in (I have just verified that).
If it is the second scenario then I think they stay logged in but will need the 2FA code if they log out and back in. I say that because when I enabled 2FA via the web site, my phone continued to work and I had to log out and back in to bring up the 2FA code prompt.
Workaround: I would suggest going via e.g. the Android app Aegis 2FA (free of charge) - https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&hl=en_US&gl=US. It allows you to reveal the TOTP seed after you scan your QR setup code, which you can then e.g. set up in KeePass (https://keepass.info/) with the TOTP plugin or built-in - so you will have it in at least two places… and even an autologon option even when using 2FA, e.g. from your laptop/PC.
From what I know, after the first logon to Homeydash, you can retrieve a token via homey.ink and that token is used to authenticate.
That token is valid until you change your password.
That is the way to log off, and ‘cripple’ your token.
2FA, if enabled, comes along when you want to log on again @ homey.ink to get a new token for use with homeydash.
I hope I explained it well. Pls correct me if I’m wrong
No, you should also have 2FA there because the accounts site is shared. If you already logged in on accounts before, you don’t have to do it separately for each website/application.
Correct, Athom uses accounts.athom.com as authentication provider for all their sites
(Like login on at a 3rd party Website with your Google/Facebook/DigiD ID)
but also shares the current status (Probably Cookie) in the same browser environment.
Logging in in other browsers or an App requires authentication, so a Username, Password and the 2nd factor, the Time-based Code.
This differs slightly between sites with a HomeySelector and sites requiring you to select homey before opening the site and sites without knowledge of your Homey (Community).
Another Browser, as with the login in an App, requires re-authentication.