Can I disable remote management on a Deco M5
Can I disable remote management on a Deco M5
I just noticed that I can connect to my M5 router's admin settings with the Deco app on my phone using my cell phone provider's network. This looks like a big security risk because if my TP Link username and password are ever leaked anyone can get in. Is there a way to set the router to only accept Deco app connections when my phone is connected to its wi-fi network? Or there is a way to at least setup two-factor authentication?
On every other router I've own there was always a way to disable remote admin access.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
There is not a way to disable remote access once the Deco as it is a cloud based device.
What it will come down to is practicing safe habits that apply to other things such as banking or email. Make sure your password is not easily guessed, your TP-Link ID can go up to 32 characters, you can have certain special characters too (https://community.tp-link.com/us/home/kb/detail/263). And the most important thing is to not share your login credentials.
- Copy Link
- Report Inappropriate Content
This sounds like a critical vulnerability. Is the remote management at least end-to-end encrypted? If it’s not then any Deco owner is vulnerable to a hostile government that sends a warrant compelling tplink to give it control of the customer’s Deco.
End to end encryption should be the default combined with optional 2FA.
- Copy Link
- Report Inappropriate Content
Agree with Mark. Given the list of controls available on the P9s I just bought I see absolutely no reason for any of those features to be accessible from outside of the LAN (setting up a VLAN, blacklisting, LED control, operating mode etc...). I've resorted to setting up MAC filtering to block all of the nodes from communicating with the Internet.
(Apologies for the late bump)
- Copy Link
- Report Inappropriate Content
@Tony Which is fine as long as TP-link never ever suffer a password data breach, at which point there's potential for an attacker to tinker with people's networks.
It'san unacceptable policy. Users should have the option to allow cloud management or disable it and rely on local web-based management.
- Copy Link
- Report Inappropriate Content
Hello,
I know, it is an old topic but looks like the issue is the same.
I have just set up my three Deco S4 units as APs and I blocked them to access the internet (on my firewall). My Deco app can't recognise them anymore despite my phone is on the network which was created by the same Deco units.
Is there a way to set my Deco app to find the Deco units on the local network? Or it is only checking some sort of Cloud account where the Decos wanted to check-in?
If I can't have the app working with the S4 units without your cloud service, can you recommend another of your products that can be used as mesh APs and happy to work without internet access (like the BT Whole Home WIFI)? After all, I don't really need a cloud account, I need only local Access Points.
Thank you.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Nice to see you again. I am still waiting for your update on the other post:
https://community.tp-link.com/en/home/forum/topic/516580
The remote management of Deco M5 is only via Deco APP from the TP-Link Cloud service.
And there is no potential security risk for it.
- Copy Link
- Report Inappropriate Content
@TP-Link I layed out a couple specific scenarios in which the cloud management feature introduces large security risks. Saying "there is no risk" either indicates you didn't even read my post before replying or you know nothing about security.
- Copy Link
- Report Inappropriate Content
@Mark123 Exactly. In my other thread he said that there are no plans to allow users to disable this feature. These units need to be returned. The security risk is huge. I am waiting for they day they are hacked and everyone is pissed.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Information
Helpful: 2
Views: 10500
Replies: 15