-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ADT / Alarm.com now requires 2FA #21
Comments
@mikesalz, the plugin doesn't support 2-factor authentication. The workaround is to create a new sub-account that doesn't require 2-factor using the alarm.com website. The procedure is similar to that in the Multiple Alarm.com Installations section of the documentation. @uvjustin, this comes up often enough that we probably need to add this information to the docs. |
@aechelon That's a good suggestion, but having just gone through setting up a secondary login, that account faces the same issue. Logging in brings up a page forcing setting up 2FA, it does not bring you to the primary screen. |
Interesting. That behavior must be vendor-specific. I don't see the same with Brinks/Alarm.com. |
Yeah, it kinda blows. Any ideas how to get around this? Or am I screwed now? |
Surely there must be a way to disable 2-factor authentication... Not ideal from a security point-of-view, but at least it would get the plugin working again. |
Is this on ADT's website or alarm.com? |
Same here. I input my credentials on alarm.com and then get forwarded to ADT. [https://control.adt.com/system-install/login-setup/two-factor-authentication/overview] |
@aechelon I don't know what's going on here. This is weird. Most of the time the website acts how I described. But sometimes it lets me right in. When I restart HA, I'm still getting the error messages I originally posted. Do these look symptomatic of having 2FA enabled? Or could it be a different issue? |
I have new info! I called ADT support. They said that there have been some changes (Not clear if these changes were on ADT's side or alarm.com's side). When logging in through alarm.com, they said they will always require 2FA moving forward. However, if you log in directly through ADT's site (https://control.adt.com) you can skip/disable 2FA. Given this, is there any way I (or you) can change the URL that the integration uses to log in? |
I'll defer to @uvjustin, but I believe that the pyalarmdotcomajax library used by the plugin connects to a web API URL, which is not the same as the URL you would use to connect to alarm.com in a browser. That URL looks something like this: https://www.alarm.com/web/api/systems/availableSystemItems. This would indicate the change for 2-factor is on the alarm.com side of things, however if that were the case then everyone who uses alarm.com should be seeing the issue as well... |
I'm having the same problem. Using ADT/Protection One with Alarm.com. I been using a separate account for year with no problem until last night. Getting the same errors as mikesalz.
Any help resolving this issue would be much appreciated, |
Hmm, that's interesting. We can try to help a little but it will be hard for us without this ADT issue to be able to make many changes or help troubleshoot. When you log in through https://control.adt.com , what url does it end up redirecting to? |
The https://control.adt.com/ site redirects to Alarm.com and brings up a page to setup 2FA. For me, it doesn't have a skip button to continue the login. When I go directly to Alarm.com, It shows the same page, but has a skip button. redirect form: https://control.adt.com/ Logging directly into the Alarm.com site should the skip button mikesalz mentioned in his post. Thanks |
Unfortunately just having that click through page is already different than what I have access to on my end, so I won't be able to make a workaround without access to a subaccount. |
Hi @uvjustin - I can create a secondary login for a limited amount of time. I want to be very cautious with this, for obvious reasons. Would a Read Only account be sufficient for your testing purposes? For how long do you think you would need the login? |
I think a Read Only account would probably work. I probably won't need it for more than a day or two. -----BEGIN PGP PUBLIC KEY BLOCK----- mQGNBF+t5QUBDADI9XEvcTGN1lx1K41uA/F1Myac5ah3TDJQTZkA2FVPNwj5d8+B |
Are you also @uvjustin on the Home Assistant forum? If so, I can just send it to you in a PM there. Even encrypted, I feel weird about posting it here. |
OK, send it there. |
Sent. Please let me know if you got it. Thanks! |
Just pushed the changes to the library and the component. See if it works for you. |
The updated library is working for me, after adding |
@mikesalz was able to get it working too. I hope this fix holds and there aren't more changes on deck. Unfortunately if the ADT portal diverges more from the standard ADC one, it will probably be hard for me to keep up with the changes, so we will need someone either to help update/maintain the ADT code here or perhaps to fork the component/library to an ADT specific one. |
@uvjustin - Thanks for you help with this, I did not change update the code and the site just working again? My pyalarmdotcomajax.py file is dated 3/18/20. Would you still recommend I update the code to the latest? |
If it's working for you then there's no need to update. Maybe they removed the 2FA check so the workaround is no longer necessary. |
Ok. Thanks again for your help.
…On Sun, Nov 15, 2020 at 10:57 AM uvjustin ***@***.***> wrote:
If it's working for you then there's no need to update. Maybe they removed
the 2FA check so the workaround is no longer necessary.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#21 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AMDB32XUSOCI67BJZPEIR4TSQAQBDANCNFSM4TR77JMQ>
.
|
@jxbrown Not sure how it is working for you? Just now I took out out |
@mikesalz - I'm a Protection One customer so we may have a different ways of connecting to Alarm.com |
@uvjustin Would you believe they took out the Skip screen!? I happened to restart HA today, and when it came up the Alarm.com integration didn't load. I opened alarm.com in a browser and logged in, and it took me straight into my account, without the Skip screen. So I commented out |
OK, well I'm glad it worked for a week or so. As long as the regular non ADT way still works I won't change anything. |
@uvjustin And now the Skip screen is back, and it is forcing 2FA! ADT sucks. I switched my config to adt:true and it started working again. I know you've put a lot of time into this thing, but I'm just curious... How hard would it be to build in an automatic try so that if adt: false does not work, it fails over to adt: true? |
Not hard, but I would do it the other way around, first trying the ADT way if adt is true and then trying the normal way if it doesn't work. Doesn't make sense for us non-ADT users to try to use the ADT way if there is some error. |
That makes sense. Is that something I can/should do on my end, or are you thinking you'd make the change to the integration? |
If they change it back again, PM me another temp login. That way I can make and test a change to the ADT code that will fail over to a non 2FA login. |
You got it. Thank you, kind sir! |
@mikesalz - Are you having issues again? I rebooted last night and now I'm getting this error. **Logger: custom_components.alarmdotcomajax.pyalarmdotcomajax Unable to extract system id from Alarm.com** @uvjustin - I'm seeing this error as well. **Logger: homeassistant.components.alarm_control_panel Error while setting up alarmdotcomajax platform for alarm_control_panel Should I upgrade the code to use the ADT flag? Here's my directory structure if this helps. Thanks |
@jxbrown I have had to toggle back and forth between have that flag set to true and false, depending on what ADT feels like doing that day. Mine is currently set to true and is working. |
@mikesalz Thanks. That helps. @mikesalz @uvjustin Alarm.comalarm_control_panel:
|
@jxbrown Here is mine. You are missing is
|
@mikesalz This was pretty old install - I did not use HACS. Can you send me a link to the install guide? Do I need to do an uninstall before using HACS? Thanks |
@jxbrown There's not much to do to uninstall it. Just delete/remove the alarmdotcomajax folder from your custom_componets directory. You might want to temporarily comment out your config until you have the new version installed. Then install HACS (Home Assistant Community Store) via the UI using Configuration > Add Integration. It should give you any instructions you need for installation. Once HACS is installed, you'll see a new HACS button on your left menu in HA. Go there to install individual integrations, such as alarmdotcom. After you get that installed, uncomment your config and remember to change alarmdotcomajax to alarmdotcom. HACS has all sorts of great integrations that are not natively available in HA. There is also a bunch of garbage in there. =) But you might come across some other integrations that are useful to you. And updates are maintained in HACS. |
@mikesalz Thanks! I'll give it a shot and report back. |
@mikesalz - I could not find the HACS Integration so I installed via the readme on this page. Here's what I noticed. When trying to login via https://control.adt.com the system redirects me to https://www.alarm.com/system-install/login-setup/two-factor-authentication/overview and forces me to setup 2FA. No skip option is available. Here's the error I get: I use protection one alarm system and login into Alarm.com directly. It brings up the 2FA screen but I'm able to skip and continue on. Wondering if you login into Alarm.com https://www.alarm.com/ if that works for you? @uvjustin - Is there a way you can create an 2nd option for those who use Protection One or login directly to Alarm.com (https://www.alarm.com/)? Thanks. |
@mikesalz - Can you reopen this issue for tracking or should I open a new issue? |
@jxbrown I don't understand - Do you have an ADT system or a Protection One system? I think @uvjustin made changes to the integration specifically for ADT. I would just create a new issue. This one is closed, so @uvjustin may not even be following the thread anymore. And in the meantime, work on getting HACS installed. That will make your life much easier! https://hacs.xyz/docs/installation/manual |
@jxbrown Just to make sure, you are clicking the bottom right "Explore & Add Repositories" button, right? I just checked out HACS. It looks like the search omits any custom components you already have installed. So if you still have your old version installed, it might recognize that and screen it out of the search. Just a guess. The name is Alarmdotcom. |
@jxbrown Glad you got it installed. I know your issue isn't resolved just yet, but at least you have an easy way to keep up with updates now. |
@jxbrown (and anyone who might be encountering this issue) Just an FYI - I started encountering new issues with my ADT login (again!!!). @uvjustin jumped right on it because he is awesome, and came up with a new solution. The adt: and protection1: parameters are going to be deprecated, and will be replaced with a cookie that is set when logging in through the alarmdotcom portal. See readme:
|
@mikesalz Thanks for the heads-up. I noticed with 0.1.7 that the account I use for Alarm.com repletely tries to login. I rebooted and the account tried to login 47 times in one minute. I'll try 1.8 to see if that helps. |
I noticed my alarmdotcomajax installation stopped working last night. Errors below.
Probably not coincidentally, when I logged in to the alarm.com website I was forced to enable 2FA. Does alarmdotcomajax
support 2FA?
The text was updated successfully, but these errors were encountered: