Trust and security with cloud based services from tp-link

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Trust and security with cloud based services from tp-link

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Trust and security with cloud based services from tp-link
Trust and security with cloud based services from tp-link
2022-08-18 14:03:59 - last edited 2022-10-13 12:02:30

Latest scandal with Ubiquiti storing passwords on last pass without any additional security like 2FA leaves a lot of questions. Back then some time ago, when a thread about what to buy was created, mostly it was flooded by Ubiquiti fanboys promoting them just to be smashed back to the ground after hackers gained access to lastpass and by that gaining access to their AWS servers. Amazingly that the only security consisted of a username+pass and really terrible fact is that they stored at all anything on lastpass. Since then many move to tp-link, but is tp-link better in that part or not is not transparent to me currently.

 

Considering the danger by use of cloud based applications, I would like to know from tp-link how tp-link can assure that such blatant, hard to imagine case like with Ubiquiti could not happen to users using omada cloud services? Can we know more about how you can assure that something like that will not happen as well as how can you assure that no rogue employee gains/shares access? Ubiquiti degraded their company and hardware to lowest possible rating and is not recommended at all to be used and if used, better getting rid of it as quick as possible. Considering that fact, it would be very unpleasant to find out later that tp-link did not force users to change passwords, does not have logs, own system breached etc.. and I would wish to have some transparency about questions I raised especially about security issues connected to cloud.

 

Main reason for raising this question is possible case that omada cloud credentials leaked long time ago as 2FA was introduced lately, but 2FA should have been standard since at least 2016. This meant for me that tp-link did not really care about 2FA until something happened/happens, did something happen? What was the reason that tp-link finaly enabled  2FA for the cloud? As well as, what is the reason that prevents omada cloud controller to have 2FA (captcha would be nice too)? Admins phone gets stolen with full access to omada cloud means, thiefs have full access and nothing can prevent them from accessing it.

 

I am also curious if you plan to move away from java8 or at least upgrade omada for higher versions? Outdated soft/dependencies are always security issue.

  0      
  0      
#1
Options
1 Accepted Solution
Re:Trust and security with cloud based services from tp-link-Solution
2022-10-13 10:42:21 - last edited 2022-10-13 12:02:30

  @Fae / @Hank21 please lock this thread, there will be no further replies from OP.

Recommended Solution
  0  
  0  
#2
Options
2 Reply
Re:Trust and security with cloud based services from tp-link-Solution
2022-10-13 10:42:21 - last edited 2022-10-13 12:02:30

  @Fae / @Hank21 please lock this thread, there will be no further replies from OP.

Recommended Solution
  0  
  0  
#2
Options
Re:Trust and security with cloud based services from tp-link
2022-10-13 11:31:05 - last edited 2022-10-13 11:31:28

Dear @btx,


Sorry for any unpleasantness in the community. Posters can click the Options menu to lock their threads themselves so no further replies will be received anymore. I'll help to unlock the post as you requested, if you want to re-open the thread some day, you can also unlock it yourself. TP-Link Community is always open to you.

 

P.S. I just saw your messages but I cannot give you a reply there anymore. I'd still like to add here that we didn't mean to ask you not to post anymore, but just considering that your first reply post was marked as unhelpful multiple times and the poster requested to delete it, I was thinking that you may not mind it being deleted.

>> Omada EAP Firmware Trial Available Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#3
Options