opensourcemirror
/
WLEDwiki
mirror of https://github.com/Aircoookie/WLED.wiki.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Updated Security (markdown)

This commit is contained in:
Aircoookie 2018-01-10 01:22:44 +01:00
parent e35dbb0a56
commit 3c5019a08b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Security.md
View File

@ -8,7 +8,7 @@ If you have configured a port forwarding to control WLED from outside your local
### 1: Is the connection itself safe?
A: Technically not. The ESP8266 uses unencrypted HTTP traffic. Implementing HTTPS would take to much processing power and memory on this little device. This means an attacker could read your passwords during transmit. Therefore, to be safe, please do NOT change the AP/Client WiFi/OTA password from outside of your LAN via a forwarded port. If you are at home, you should be safe if your WiFi is secured. You can change any other setting while your away, though. WLED doesn't send your actual password to the settings page, just its length.
A: Technically not. The ESP8266 uses unencrypted HTTP traffic. Implementing HTTPS would take to much processing power and memory on this little device. This means an attacker could read your passwords during transmit. Therefore, to be safe, please do NOT change the AP/Client WiFi/OTA password from outside of your LAN via a forwarded port. If you are at home, you should be safe if your WiFi is secured. You can change any other setting while you're away, though. WLED doesn't send your actual password to the settings page, just its length.
### 2: What do you mean by secure then?