Skip to content

Latest commit

 

History

History
11 lines (9 loc) · 881 Bytes

Security.md

File metadata and controls

11 lines (9 loc) · 881 Bytes

Security considerations

Security of the P1P2MQTT bridge is limited by various factors:

  • firmware update via webserver: no protection (yet), protection thus relies on your local network
  • firmware update via OTA mechanism: password-protected (password configurable via P18)
  • AP when MQTT or WiFi fails: password-protected, SSID/password can be configured with parameter (configurable via P00/P01)
  • AP when reset button is tapped twice quickly: default SSID/password
  • telnet: can be protected with login-code via parameter (conifigurable viaP16)
  • MQTT: user/password protected, but anyone with user/password to the MQTT server can give instructions to the bridge and can monitor traffic for passwords being configured

This practically means that anyone with access to your local network, or with physical access to the P1P2MQTT bridge reset button, has full access.