Tasmota: Password protection for web interface?

Created on 12 Feb 2017  ·  3Comments  ·  Source: arendst/Tasmota

I would like to discuss the feasibility and appetite for adding password protection to the web interface.
It seems to me that at the moment the Sonoffs are vulnerable to anyone logged into the same wifi network. Clearly one option is to create a hidden SSID wifi access point for Sonoff use, but if that is not an option, how can we secure the devices?

Would an admin password setting option on the 192.168.4.1 initial setup page work? If the password was forgotten a full system reset could start from scratch. Also, setting/resetting the admin pw from MQTT could be possible as access to the MQTT server can be secured.

Thoughts?

question
Source
picture smadds

All 3 comments

Quick solution: disable webserver with option 0.

arendst picture arendst on 13 Feb 2017
👍1

If there was a "like" button I would press it!

smadds picture smadds on 13 Feb 2017
👍1

:lock:
:unlock: through MQTT!
Very nice tip!

hoekbrwr picture hoekbrwr on 13 Feb 2017
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Clooney82 picture Clooney82  ·  123Comments
Chaot1 picture Chaot1  ·  115Comments
jsponz picture jsponz  ·  289Comments
Bloodyagent picture Bloodyagent  ·  323Comments
whhsw picture whhsw  ·  222Comments