23/05/2019

ESP8266 Secure AP mode

By snorlaxprime

Quite often we take shortcut to make things simple. That that sometimes will come and bite you back. To make sure you always consider security in mind at everything you do. Password is to keep something secure, and not to be forgotten.

In this post, I am trying to show how simple the security can be implemented to ensure that we always have security in mind. There is nothing worse than having a fully working system and then get hacked. This will cause unnecessary stress later.

If you are using ESP8266 in AP mode to setup the WIFI configuration, don’t forget to set the password and make sure you keep it secure by remembering it and not tell anyone.

In order to do this you can set the password when setting the ESP as and AP, this is done using the following code:

WiFi.softAP(WIFI_AP_NAME, AP_PASS);

The second line in the above code passed in “AP_PASS” variable, this will ensure that you can connect to the ESP using the password. You can also leave the second parameter blank to leave it open, but then anyone can connect to it and messed up with your setting. Things to note, the password will need to be more than 8 Characters, otherwise, the function call will fail. The best way to check this is to check the Serial Monitor and modify the above code to be as follow:

Serial.print("Starting AP mode:");
Serial.println(WiFi.softAP(WIFI_AP_NAME, AP_PASS)? "Ready": "Failed!");

When the AP is started, you can see in the Serial monitor window whether the function call WiFi.softAP is success or not. The simple code describing the above can be found below.

/*
   Copyright (c) 2015, Majenko Technologies
   All rights reserved.
   Redistribution and use in source and binary forms, with or without modification,
   are permitted provided that the following conditions are met:
 * * Redistributions of source code must retain the above copyright notice, this
     list of conditions and the following disclaimer.
 * * Redistributions in binary form must reproduce the above copyright notice, this
     list of conditions and the following disclaimer in the documentation and/or
     other materials provided with the distribution.
 * * Neither the name of Majenko Technologies nor the names of its
     contributors may be used to endorse or promote products derived from
     this software without specific prior written permission.
   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
   ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
   WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
   ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
   LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
   ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
   SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

/* Create a WiFi access point and provide a web server on it. */

#include 
#include 
#include 

#ifndef APSSID
#define APSSID "ESPap"
#define APPSK  "thereisnospoon"
#endif

/* Set these to your desired credentials. */
const char *ssid = APSSID;
const char *password = APPSK;

ESP8266WebServer server(80);

/* Just a little test message.  Go to http://192.168.4.1 in a web browser
   connected to this access point to see it.
*/
void handleRoot() {
  server.send(200, "text/html", "You are connected");
}

void setup() {
  delay(1000);
  Serial.begin(115200);
  Serial.println();
  Serial.print("Configuring access point...");
  /* You can remove the password parameter if you want the AP to be open. */
  WiFi.softAP(ssid, password);

  IPAddress myIP = WiFi.softAPIP();
  Serial.print("AP IP address: ");
  Serial.println(myIP);
  server.on("/", handleRoot);
  server.begin();
  Serial.println("HTTP server started");
}

void loop() {
  server.handleClient();
}

Hopefully you will find this article useful to secure your IoT devices and saving you the headache of being hacked in the future. If you like this post, please share and don’t forget to subscribe the blog for more article about IoT and Arduino.