monkeytronics wrote:Wifi manager is insecure.
Who cares if it is?
The ESP is a "Simple" microcontroller, not a datacenter or multi-user environment.
People want to make simple, personal projects for free and for a small audience; if you're planning to roll out your product to the masses, you can risk assess any present vulnerabilities.
When you're new, don't start with a separate ESP (ESP-01 to ESP-14) module.
Get yourself a proper development board: NodeMCU - WeMos D1 - WeMos (UNO form factor) - Witty Board
ESP power requirements are 3.3V±10%@350mA
The ESP8266 IS NOT 5V tolerant on ANY pin (see item 5.14 on page 25 of the FAQ)
I really do. I think it's crazy that we, as developers, would be satisfied to opearate at a lower level of security than we would, were we to productionise something! I don't get the logic. Since it's just for me, "I'll not bother with security." Personally, I'd feel better with, "since this is for me, I'll make damn sure it's as secure as I can. I'm going to give it 2 layers of crypto, teeth and a failsafe to scramble the memory. And I want smoke afterwards for good measure".
I don't have much time on my hands, but I will have a go at a secure version of this. Presumably noone has released it so far, because it's of commercial value. So those that have done it, don't want to share it. Which is fair enough I suppose. As I say, it has definite value.