+34
Under review

Streamlined sign-in from car (e.g. 4-digit PIN)

mkolowich 3 years ago updated by Silicon Desert 1 year ago 6

This should probably wait until we see the browser revisions that are due in the next few weeks, but once the Tesla browser is revealed, it would be great to evolve to a simple PIN-based approach to signing in to TeslaFi from the car.


How this works will depend on: whether the new browser supports cookies; whether the new browser is detectable as a Tesla browser; and whether there is a way to detect that a specific vehicle is accessing TeslaFi.


But the closer we can get to "enter a 4-digit PIN" on sign-ins subsequent to the first from the car, the better

    Or even not having to enter a PIN at all (well, an option once a cookie is set) - in many cases it'll only be the owner likely to attempt to access anyway.

    +1

    agree with this except cookies don't work in the car as far as I understand from one of the developers.

    +3

    Another app has come up with an elegant solution to this.  A signed-in user has the option to generate a URL that has a secret authentication token built into the URL as a parameter, and then bookmarks that parameterized URL rather than the general Teslafi.com URL in the car browser.  This way, whenever that bookmark is accessed in the car, Teslafi is launched and logged in.


    I'd love to see Teslafi implement this method before Autopilot drives me into a tree while I'm entering my username and password!

    Under review

    This seems like a pretty big security risk to login to your full account based on accessing with a url.  Do they have a special page that comes up when accessing directly from the url?  For example a page that doesn't allow for editing, controls and etc?

    I agree with James that it can be a security risk to just have a secret token on a URL if it gets into unauthorized hands. 


    One method done with mobile logins on a project I worked on:

    A token as mk mentions above is tagged onto the end of the url.  In this case it could be as simple as the last few digits of the car identifier.  The customer stores the URL in their favorites in the mobile device.  In this case, the Tesla's browser.  When the url is accessed, it sends a 4 digit code to the user's cell phone for them to enter on the web site.   It's not as easy as just clicking on a cryptic URL, yet still easier and faster than entering a username and password.


    Separately, I have also seen Samsung and a couple other companies use that idea to connect a smart phone to a TV for streaming.  A couple financial sites also use this method.


    At home I use a password manager program to just click on an icon and automatically login to TeslaFi, but as far as I know, there is no such thing for the Tesla browser to make logins easy.

    +1

    While on this subject, I thought I would add that one of my friends at Tesla said the Tesla browser has a unique browser signature, thus web sites can determine the browser type and realize the request is coming from a Tesla as opposed to maybe a computer browser or smart phone.   Maybe that helps with coding or maybe it doesn't.   I do agree this would be nice to have a more streamlined way of logging in from the car.  If anyone can figure this out, it will be James.   From what I see here, he is one really smart web dude!