Command or process to clear individual WiFi credentials

Hi Forum and maybe @Dave ,
I’m implementing a pilot for a commercial system using Photon and would like to put forward a suggestion to make life a little easier for anyone that commissions their solutions remotely. Would it be possible to introduce a firmware command that would clear (delete) a single WiFi credential?

My logic is that devices could be issued with a generic and simple SSID and Password credential preloaded (say, SSID “MyPhoton” and password: “MyPassword”). In the event an installer is unable to get the Android or Apple smart device apps to work, they could set up a temporary WiFi hotspot using their smartphone (using the above credentials) to get the Photon online – after that I could use the WiFi.setCredentials command by remote firmware flash to provide the actual (more secure) local WiFi credentials.

The problem is that the simple credentials used with the hotspot would still reside in memory and potentially be a security issue. If, after flashing the legitimate local credentials I could then erase the instance of the simple SSID and Password (while retaining the legitimate local credentials) this system will work. Maybe the command could be something like WiFi. clearthisCredential ("MyPhoton ", " MyPassword ");

Apologies if this has been a little long-winded but I write out of shear frustration. Both the Particle Android and iPhone /Apple Apps, seem to be unreliable as a mechanism to commission WiFi credentials on Photon. Personally, I haven’t had much trouble – but on the three occasions I’ve tried to get people I consider reasonably technically capable to set the WiFi credentials using the Apps they have failed – despite some considerable time “talking them through”.
If I have missed something or there is a simple fix for this dilemma please let me know – I’m happy to do my homework if I know where to look.
Regards,
Chris

The credentials are saved in the memory space of the wifi module and there’s no mechanism to retrieve the password.

What security issue do you see with the possible leak of WiFi SSID and password?

1 Like

With the ability to use SoftAP to set credentials the need for preset credentials seems somewhat gone.
And I find that a far superior and relyable way to set credentials than the Particle apps - you can even do that with any WiFi enabled device that can connect to the Photon’s SoftAP.

But you could issue a WiFi.clearCredentials() before storing the new ones.

2 Likes

Hi @ScruffR
I don’t know how many times you’ve set me straight on Particle matters - but I definitely owe you a beer if ever you’re in Sydney. I probably should have addressed my initial query to the Monty Python “Ministry of the Bleeding Obvious”.
Yes the process of putting the WiFi.clearCredentials() before assigning the new credentials worked - and will suffice as a temporary workaround for my problem. For the record, I will add that it does not work if you put any variable definitions before the setup() or anything in loop(). So this worked fine:

void setup() {

WiFi.clearCredentials();
delay (10);
WiFi.setCredentials("local_router_name", "complex_password");

}

void loop() {

}

Thanks again, and also a thanks to @kennethlimcp, who is always helpful and great at better defining problems

1 Like

@DRCO, you’re welcome!

I’m not quite with you on that. How do you mean that?
If you are clearing credentials at any point in your code, you should use a non-AUTOMATIC SYSTEM_MODE or explicitly disconnect from WiFi to prevent the otherwise happening blocking of code and/or auto reconnect/listening mode to interfere with the rest of your sketch.
When you do that, the above “restriction” should not be needed.

1 Like

Hi @ScruffR,
Thanks again for getting back to me. OK, to be clear - the code I posted earlier works fine - deletes the simple code and writes the new credentials to memory. In testing, I wanted a simple confirmation - basically the “blinky” code - as follows:

int led2 = D7;
void setup() {

WiFi.clearCredentials();
delay (10);
WiFi.setCredentials("local_ssid", "complex_password");

pinMode(led2, OUTPUT);
}

void loop() {

digitalWrite(led2, HIGH);
delay(500);
digitalWrite(led2, LOW);
delay(500);
}

I had both the simple “hotspot” and the comlex (router) wifi networks running when I flashed the above code - theoretically, the photon should have dumped the hotspot and logged on to the router. On three attempts when I used the above code the Photon cleared the hotspot wifi credentials - but did not retain the new (router) credentials. At the completion of the flash - the Photon returned to the blinking blue “Listening” mode. I tried a physical reset - but no joy.

Following your other suggestions; I’m checking out the SoftAP example - but it seems a lot of additional code loaded up-front. If I’m right it performs the same task as the ESP8266 / Arduino IDE WiFi manager which is a simple library addition and has proven really solid and reliable on that platform. Just include the library - and it’s a couple of lines in the actual code.I wonder if any bright Particle community member - or maybe the Particle guys are looking at adding a similar library to the Particle IDE?

Most of that code is the stuff that makes up the web page - which you can design the way you want it. So putting that into a non-editable library may not be what you want. You could even place these parts on an SD card and pull them in via SDFat library to allow for different pages without the need to flash new code.
The rest of the actual logic are just a few lines (you may want to adapt too), which do in turn use some features that are already packed in a library.
It’s just that this is a stock library that doesn’t need importing.

For that you may want to use the full four parameter overload for setCredential() and WiFi.disconnect() before storing the new creds.

1 Like