5. Security

5.1. User account

The preconfigured image is not secure by default. At minimum, the password for the pi user should be changed!

5.2. MQTT

The Mosquitto broker may be configured to require a username and password, which may then be set in aq.toml.

If MQTT is not required at all, Mosquitto can be prevented from starting or uninstalled.
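
One way to check that a broker config actually enforces the username and password requirement, as an added example that is not part of the project. The function names, the sample configs and the /etc/mosquitto/passwd path are assumptions; allow_anonymous and password_file are standard Mosquitto options.

```shell
#!/bin/sh
# Added example (not part of the project): audit a Mosquitto config file for
# the username/password requirement described in section 5.2.

# Print the last value given for a Mosquitto option in a config file.
conf_value() {  # $1 = config file, $2 = option name
    awk -v key="$2" '$1 == key { val = $2 } END { print val }' "$1"
}

# Return 0 if the config demands credentials, 1 otherwise.
# Assumption: an unset allow_anonymous is treated as a failure, because the
# broker's default differs between Mosquitto versions.
audit_mosquitto_conf() {
    anon=$(conf_value "$1" allow_anonymous)
    pwfile=$(conf_value "$1" password_file)
    status=0
    if [ "$anon" != "false" ]; then
        echo "FAIL: allow_anonymous is '${anon:-unset}', expected 'false'"
        status=1
    fi
    if [ -z "$pwfile" ]; then
        echo "FAIL: no password_file configured"
        status=1
    fi
    if [ "$status" -eq 0 ]; then
        echo "OK: clients must authenticate against $pwfile"
    fi
    return "$status"
}

# Constructed sample configs: one open, one hardened.
write_samples() {  # $1 = output directory
    printf '%s\n' '# open broker' 'listener 1883' 'allow_anonymous true' \
        > "$1/open.conf"
    printf '%s\n' '# hardened broker' 'listener 1883' 'allow_anonymous false' \
        'password_file /etc/mosquitto/passwd' > "$1/hardened.conf"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in open hardened; do
    echo "== $f.conf"
    audit_mosquitto_conf "$demo_dir/$f.conf" || true
done
rm -rf "$demo_dir"
```

The password file named in the hardened sample is created with mosquitto_passwd, and the same credentials are then entered in aq.toml.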

5.3. WebSocket API

The WebSocket API used by the display does not implement any sort of security.