| Aspect | Rating | Notes | |--------|--------|-------| | Encryption | ⚠️ Moderate | Default HTTP login sends credentials in plaintext. Use HTTPS + certificate to secure. | | Brute Force Protection | ✅ Yes | Built-in "hotspot guard" and login attempt limits. | | Session Hijacking | ⚠️ Risky | Without HTTPS, session cookies are visible. | | Rogue AP Detection | ✅ Yes | Can block clients connecting to fake APs. | | User Isolation | ✅ Yes | Client-to-client forwarding can be disabled. |
# User configuration /ip hotspot user add name="user1" password="password1" profile="default" mikrotik hotspot login
# IP address configuration /ip address add address=192.168.1.1/24 interface=ether1 | Aspect | Rating | Notes | |--------|--------|-------|
| Method | Description | |--------|-------------| | Username/Password | Local database, RADIUS, or Active Directory | | Vouchers | Pre-printed or emailed time/data-limited codes | | MAC Authentication | Bypass login for known devices | | Social Login | Requires external script (not native) | | SMS OTP | Requires external SMS gateway setup | | Free Access | Just click "Accept Terms" | | | Session Hijacking | ⚠️ Risky |