You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Having the same password for every device is a serious security issue (webcam stream, ...)
(1)
I propose to disable every route and make the web application unusable until the password is changed.
On the backend:
Implement a change wifi password route
check the password, if it's the default, disable every route but the change wifi password one, then force a redirect to a change password page on the frontend
On the frontend:
Implement a simple page allowing to change the password
(2)
An alternative could be to generate a new password, show it to the user, making sure the user has taken note of (confirmation dialog?) then reboot the wifi service and apply the new password, on the first run.
(1) seems ok to me, but we also need the possibility to reset the password. If we add a hardware button we can exploit it to trigger the password reset, assuming that anyone who has the access to the robot can set its password.
Agree, (1) looks good to me.
The password, as well as the ssid, could be changed via web ui, old version.
It implemented in wifi.py; it's a little cumbersome, but it should work.
Having the same password for every device is a serious security issue (webcam stream, ...)
(1)
I propose to disable every route and make the web application unusable until the password is changed.
On the backend:
On the frontend:
(2)
An alternative could be to generate a new password, show it to the user, making sure the user has taken note of (confirmation dialog?) then reboot the wifi service and apply the new password, on the first run.
Any opinion on this? @previ @leonardo77
The text was updated successfully, but these errors were encountered: