Securing


One major advantage of Home Assistant is that it’s not dependent on cloud services. Even if you’re only using Home Assistant on a local network, you should take steps to secure your instance.

Checklist

Here’s the summary of what you must do to secure your Home Assistant system:

  • Configure secrets (but do remember to back them up)
  • Regularly keep the system up to date

Remote Access

If you want secure remote access, the easiest option is to use Home Assistant cloud by which you also support the founders of Home Assistant.

Other options are to use TLS/SSL via the add-ons Duck DNS integrating Let’s Encrypt or Let’s Encrypt. To expose your instance to the internet, use a VPN, or an SSH tunnel. Make sure to expose the used port in your router.

Extras for manual installations

As well as the above we advise that you consider the following to improve security: