Are Wifi credentials stored in an unsecure way on ESP32?
codingABI opened this issue · 4 comments
Board
ESP-WROOM-32 NodeMCU (ESP32 Dev Board)
Device Description
Only a plain ESP-WROOM-32 NodeMCU (ESP32 Dev Board)
Hardware Configuration
Only a plain ESP-WROOM-32 NodeMCU (ESP32 Dev Board)
Version
v2.0.5
IDE Name
Arduino IDE
Operating System
Windows 11
Flash frequency
80 MHz
PSRAM enabled
no
Upload speed
115200
Description
Everybody how can upload a sketch to an ESP32 can read the previous used Wifi credentials in plain text. This makes it very easy for hackers to get my Wifi credentials, if they get USB access to one of my ESP32s.
Sketch
#include <WiFi.h>
#define WIFIMAXRETRIES 30
void setup() {
int wifiRetry = 0;
Serial.begin(115200);
Serial.println("Connect without credentials");
WiFi.begin();
while ((WiFi.status() != WL_CONNECTED) && (wifiRetry <= WIFIMAXRETRIES)) { // wait while connecting
wifiRetry++;
delay(500);
Serial.print(".");
}
Serial.println();
if (WiFi.status() == WL_CONNECTED) {
Serial.print("Successfully connected and ESP got IP ");
Serial.println(WiFi.localIP());
} else Serial.println("Connection failed");
Serial.print("SSID ");
Serial.println(WiFi.SSID());
Serial.print("PSK ");
Serial.println(WiFi.psk());
}
void loop() {
}
Debug Message
Connect without credentials
.
Successfully connected and ESP got IP 192.168.170.26
SSID myssid
PSK mySecretPassword1
Other Steps to Reproduce
I prepared a description to reproduce on https://github.com/codingABI/Arduino-ESP32-Wifi-easy-and-unsecure
I have checked existing issues, online documentation and the Troubleshooting Guide
- I confirm I have checked existing issues, online documentation and Troubleshooting guide.
Likely true. If a hacker can break into your home, plug in USB to your module, install the development environment on their laptop, and read out the flash then they can likely find the WiFi credentials in your flash. Or they could reprogram your module with a simple program to print the credentials to the console.
You can turn off autosaving of WiFi credentials. This is what we use:
WiFi.persistent(false); //Base library should NOT save SSID/pwd to NVS. This also prevents wifi autostart.
//https://stackoverflow.com/questions/65873683/how-do-you-erase-esp32-wifi-smartconfig-credentials-from-flash
//Namespace "nvs.net80211": "sta.authmode", "sta.ssid", "sta.pswd".
I tried WiFi.persistent(false); before the line WiFi.begin(SSID,PASSWORD); and the used Wifi credentials could not be read by another sketch uploaded afterwards => That seems to solve my problem. Thank you very much!
I'm just a little surprised that this security issue doesn't show up in the ESP32 tutorials I know of. WiFi.persistent(false); should be much more known. I'm afraid not many ESP32 newbies like me are aware of the problem.
@codingABI if you want that to be secure, you need to look past Arduino and use ESP-IDF with flash+nvs encryption (you could still have Arduino as component in the IDF project)
I'll give the ESP-IDF&encryption a try when I get a chance. At the moment WiFi.persistent(false) is an acceptable solution for me. Thank you all.