Can I disable remote management on a Deco M5

Can I disable remote management on a Deco M5
Can I disable remote management on a Deco M5
2019-05-09 21:41:02
Model: Deco M5
Hardware Version: V1
Firmware Version:

I just noticed that I can connect to my M5 router's admin settings with the Deco app on my phone using my cell phone provider's network.  This looks like a big security risk because if my TP Link username and password are ever leaked anyone can get in.  Is there a way to set the router to only accept Deco app connections when my phone is connected to its wi-fi network?  Or there is a way to at least setup two-factor authentication?

 

On every other router I've own there was always a way to disable remote admin access.

1
1
#1
Options
5 Reply
Re:Can I disable remote management on a Deco M5
2019-05-10 15:41:21

@RSF 

 

There is not a way to disable remote access once the Deco as it is a cloud based device.

 

What it will come down to is practicing safe habits that apply to other things such as banking or email. Make sure your password is not easily guessed, your TP-Link ID can go up to 32 characters, you can have certain special characters too (https://community.tp-link.com/us/home/kb/detail/263). And the most important thing is to not share your login credentials.

0
0
#2
Options
Re:Re:Can I disable remote management on a Deco M5
2019-09-05 14:52:13

This sounds like a critical vulnerability. Is the remote management at least end-to-end encrypted? If it’s not then any Deco owner is vulnerable to a hostile government that sends a warrant compelling tplink to give it control of the customer’s Deco. 

 

End to end encryption should be the default combined with optional 2FA. 

2
2
#3
Options
Re:Re:Can I disable remote management on a Deco M5
2020-04-20 16:37:41 - last edited 2020-04-20 16:39:10

Agree with Mark. Given the list of controls available on the P9s I just bought I see absolutely no reason for any of those features to be accessible from outside of the LAN (setting up a VLAN, blacklisting, LED control, operating mode etc...). I've resorted to setting up MAC filtering to block all of the nodes from communicating with the Internet.

 

(Apologies for the late bump)

2
2
#4
Options
Re:Can I disable remote management on a Deco M5
2021-01-11 21:53:11

@Tony Which is fine as long as TP-link never ever suffer a password data breach, at which point there's potential for an attacker to tinker with people's networks.

 

It'san unacceptable policy. Users should have the option to allow cloud management or disable it and rely on local web-based management.

0
0
#5
Options
Re:Can I disable remote management on a Deco M5
2021-08-21 11:21:24

@Tony 

 

Hello,

 

I know, it is an old topic but looks like the issue is the same.

 

I have just set up my three Deco S4 units as APs and I blocked them to access the internet (on my firewall). My Deco app can't recognise them anymore despite my phone is on the network which was created by the same Deco units. 

 

Is there a way to set my Deco app to find the Deco units on the local network? Or it is only checking some sort of Cloud account where the Decos wanted to check-in?

 

If I can't have the app working with the S4 units without your cloud service, can you recommend another of your products that can be used as mesh APs and happy to work without internet access (like the BT Whole Home WIFI)? After all, I don't really need a cloud account, I need only local Access Points. 

 

Thank you.

0
0
#8
Options