For MQTT the same problem exists. Usernames and passwords required for accessing MQTT gateways travel over the network non-encrypted in clear text.
Any coworker, hacker (or what have you) that has access to the network can snoop the usernames and passwords.
I would appreciate if the following security features could to be added to ESPEasy:
(As far as I'm aware none of these is yet implemented.)
- HTTPS/TLS access to ESPEasy configuration (UI)
This requires that a (self-signed) SSL (TLS) server certificate can be configured on the node.
- Support for MQTT over TLS
This requires that the (self-signed) CA certificate (chain) can be configured on the node.
- Support MQTT client certificates
This requires that a (self-signed) client certificate can be configured on the node.
How can (similar to Wifi passwords) simple access to the certificates/passwords config data be prevented/protected?
For example in case of nodes being stolen which is much simpler than stealing a computer, especially in the case of outdoor nodes.