Protected switches
Posted: Friday 31 May 2024 14:45
Hello,
Small suggestion after one of my childs managed to bypass a protected switch (at home/from LAN, so default admin user): He did not change current (not visible from the interface) password in configuration, I would have soon noticed, but was just setting a schedule to set required state a few minutes ahead... and erasing this schedule after state change!
=> Would be nice, for protected switches, to have schedule button need the password (currently, only direct state change needs it).
Of course, that's not bulletproof & I could already enforce admin password even for LAN access but this would be a bit cumbersome.
Another option may be to be able to have a simple user (or even spectator) being default without password on LAN instead of admin but I could not find a way to do this & may be a bit more complex change (as this should allow re-login to admin from the interface for configuration stuff, even if admin:passwd in URL may also do the job).
So I think needing protected switch password to access schedules may be a good compromise to avoid child's not already digging too much into the system being able to remove a wifi AP disable switch schedule or add one to be able to use internet from their bedrooms at night!
Small suggestion after one of my childs managed to bypass a protected switch (at home/from LAN, so default admin user): He did not change current (not visible from the interface) password in configuration, I would have soon noticed, but was just setting a schedule to set required state a few minutes ahead... and erasing this schedule after state change!
=> Would be nice, for protected switches, to have schedule button need the password (currently, only direct state change needs it).
Of course, that's not bulletproof & I could already enforce admin password even for LAN access but this would be a bit cumbersome.
Another option may be to be able to have a simple user (or even spectator) being default without password on LAN instead of admin but I could not find a way to do this & may be a bit more complex change (as this should allow re-login to admin from the interface for configuration stuff, even if admin:passwd in URL may also do the job).
So I think needing protected switch password to access schedules may be a good compromise to avoid child's not already digging too much into the system being able to remove a wifi AP disable switch schedule or add one to be able to use internet from their bedrooms at night!