Feature Request: Enable 2FA for authenticator app when using any public facing Sonos website

  • 18 May 2024
  • 4 replies
  • 185 views

With the introduction of the unwanted play.sonos.com, which allows public-facing access to your Sonos system, an attack vector has been introduced towards IoT Sonos products.

As a minimum, 2-factor authentication should be introduced to allow users greater security over access to any Sonos websites, but in particular to play.sonos.com.

Another enhancement would be the option to turn off access via play.sonos.com to your Sonos system by implementing a switch in your Sonos profile (not in the app, because I am not upgrading to version 80 just to turn play.sonos.com off!)

4 replies

Great post, exactly what I think about this useless web app.
I really don’t know why this doesn’t have more likes.

There aren’t more likes because people are probably not finding this post, or they don’t understand the implications of the web app or what 2FA would do.

As I investigate blocking web access I’m finding out that I don’t like what Sonos speakers are doing. Mine are def going on my IoT LAN soon.

I found out about this through a local Dutch forum (Tweakers.net).

It's really unacceptable that such a service is introduced:

  • without clear communication
  • with no opt-out
  • with no proper protection (no 2FA)

Isn't there a port or IP address I can block on my router?

There aren’t more likes because people are probably not finding this post, or they don’t understand the implications of the web app or what 2FA would do.

As I investigate blocking web access I’m finding out that I don’t like what Sonos speakers are doing. Mine are def going on my IoT LAN soon.



I wanted to do this too now, but I have not been able to get my firewall rules set up correctly as of yet to also still allow my phone local access when on my primary LAN. I even have an mDNS repeater on my NAS