ESP8266 Community Forum

- Wed Dec 05, 2018 1:11 pm #79423 Wow, it looks like WiFiManager is the only way to go.
In the process of adding it to a simple test project here to replace hard-coded wifi credentials.

- Sat Dec 22, 2018 9:26 pm #79688 I don't get it! Wifi manager is insecure. How is this a solution for anything?

- Mon Dec 24, 2018 8:06 pm #79702

Wifi manager is insecure.

Who cares if it is?

The ESP is a "Simple" microcontroller, not a datacenter or multi-user environment.
People want to make simple, personal projects for free and for a small audience; if you're planning to roll out your product to the masses, you can risk assess any present vulnerabilities.

Assumption is the mother of all f*ckups; I should know: I've been assuming a lot.
When you're new, don't start with a separate ESP (ESP-01 to ESP-14) module.
Get yourself a proper development board: NodeMCU - WeMos D1 - WeMos (UNO form factor) - Witty Board
ESP power requirements are 3.3V±10%@350mA
The ESP8266 IS NOT 5V tolerant on ANY pin (see item 5.14 on page 25 of the FAQ)

- Sun Feb 10, 2019 5:18 pm #80516 Who cares if it is?

I really do. I think it's crazy that we, as developers, would be satisfied to opearate at a lower level of security than we would, were we to productionise something! I don't get the logic. Since it's just for me, "I'll not bother with security." Personally, I'd feel better with, "since this is for me, I'll make damn sure it's as secure as I can. I'm going to give it 2 layers of crypto, teeth and a failsafe to scramble the memory. And I want smoke afterwards for good measure".

I don't have much time on my hands, but I will have a go at a secure version of this. Presumably noone has released it so far, because it's of commercial value. So those that have done it, don't want to share it. Which is fair enough I suppose. As I say, it has definite value.

Cheers,