Question about remote access and password expiration

Hi,

I did a lot of reading on the forums on how to get remote access (WAN) to my Vera2 running UI4 and got it working with only one concern.

I am running the Vera2 as a switch behind my primary router. I port forward all incoming port 80 traffic to the Vera2 and require a password for local access of the Vera2.

The question is that there isn’t a “logout” button and once I enter my username and password for the first time, I can close the browser and reconnect without having to enter the username and password again. This has me concerned about someone, somehow being able to piggyback in to my connection and access the Vera2. Is this possible? (I can upgrade to the SSL code I saw in another thread if that is the trick.)

What is the timeout for the unit to consider me logged out and so that it will ask for the username and password again?

Right now I don’t have anything connected to my Vera2 so there is nothing to be controlled but soon I will have a kwikset lock and thus my concern.

Thanks,
Chad

Are you connecting with a LAN IP address or with cp.mios.com?

That’s a great question…when I hit the vera from cp.mios.com with my smartphone then I do see a logout button but if I access the vera directly via the browser then I do not. I also have the homebuddy app for android and not sure how that does its access either.

Interestingly, I have this same issue with accessing the webserver for sagetv but I never gave it any thought before.

I wonder if using a vpn or ssh in from the phone?

Chad,

Usually authentication on LAN is not enabled in Vera. Did you enable it? In case not and you need it, login in cp.mios.com, click settings, and set Require local http authentication to yes. Enabling this option will request user and password even in your LAN.

As far as I know, HomeBuddy can connect both local and remote. For remote you can config the user and password.