" *Using a userid and password for authentication for mqtt works...but the credentials show up as clear text in the javascript. So no real security there. Easier to just use an anonymous mqtt server. It's just weather data*."
It depends on the way authentication and access control list (acl) are defined, if any. Anonymous access imply that anyone could use your MQTT for their own purpose, i.e; even publishing and retrieving their own topics . My mosquito MQTT broker is configured with authentication and acl, with an account user=public, password=public . As you said, this account is not hidden since it shows up as clear text in the javascript, but it is limited to listen to a specific topic; with no rights to publish anything or to listen to any other topics. -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/weewx-user/36181a4a-d25d-40ba-be95-6396621260c1n%40googlegroups.com.