Removing the ability to arm/disarm alarm, or how can i obfuscate alarm codes?

[bengeek2]

Is there any way to remove the ability in home assistant to arm/disarm my alarm, but still be able to poll its current state? I would also be ok with setting a code instead of removing it fully, but it is stored in the web ui as plain text and isnt much barrier to disarming the alarm. Is there a way to obfuscate or encrypt this code, or remove it from the web ui?

[tsightler]

This question would have been better asked in the discussion section, there's already a similar topic there already.

Regardless, the short answer is no, it's not possible. You can manually configure an Alarm Control Panel and define whatever code you want there, but then the code would be just be in the HA config instead of the addon config. Realistically, the code is not secure from HA admins, but non-admin HA users shouldn't be able to see it as they should not have access to the addons setup page anyway.

You could use mosquitto ACLs to restrict HA from being able to send commands to the alarm command topic, that's probably the safest thing to do anyway as otherwise users could just bypass and send MQTT commands directly, which bypasses the code anyway as the code is implemented in the HA UI only.