You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would like to discuss the feasibility and appetite for adding password protection to the web interface.
It seems to me that at the moment the Sonoffs are vulnerable to anyone logged into the same wifi network. Clearly one option is to create a hidden SSID wifi access point for Sonoff use, but if that is not an option, how can we secure the devices?
Would an admin password setting option on the 192.168.4.1 initial setup page work? If the password was forgotten a full system reset could start from scratch. Also, setting/resetting the admin pw from MQTT could be possible as access to the MQTT server can be secured.
Thoughts?
The text was updated successfully, but these errors were encountered:
I would like to discuss the feasibility and appetite for adding password protection to the web interface.
It seems to me that at the moment the Sonoffs are vulnerable to anyone logged into the same wifi network. Clearly one option is to create a hidden SSID wifi access point for Sonoff use, but if that is not an option, how can we secure the devices?
Would an admin password setting option on the 192.168.4.1 initial setup page work? If the password was forgotten a full system reset could start from scratch. Also, setting/resetting the admin pw from MQTT could be possible as access to the MQTT server can be secured.
Thoughts?
The text was updated successfully, but these errors were encountered: