This thesis presents a comprehensive approach to improving the security of OpenHAB Cloud, an open-source platform for smart home automation. OpenHAB Cloud enables remote control of smart devices, making security a critical focus. The research emphasizes integrating Two-Factor Authentication (2FA) and addressing vulnerabilities to enhance resilience while maintaining usability. Through automated tools and manual reviews, vulnerabilities such as insecure coding practices, inadequate authentication mechanisms, and issues in third-party dependencies were identified and resolved. The implementation of 2FA added a crucial layer of security, effectively mitigating risks like unauthorized access and credential-stuffing attacks. Tools like OWASP Dependency Check, npm Audit, and SonarQube uncovered critical gaps, complemented by manual assessments for deeper insights, resulting in a significant improvement in the platform’s security posture. The study balanced security and usability, ensuring 2FAintegration remained user-friendly. Usability testing confirmed that users accepted the slightly increased login complexity for enhanced protection. The findings underline the importance of proactive security in IoT systems and showcase how opensource platforms can adopt robust security measures without compromising performance or user experience. This research contributes to securing IoT platforms by providing a safer environment for smart home users. It highlights the potential of open-source solutions to meet growing security demands, supporting a more secure and resilient IoT ecosystem for developers and end-users alike.