Is "locking" a page with a password secure?

Is locking all pages in my .HMI file with a password secure?
Can the password be recovered form either .HMI or .tft file?
Same question to securing the project with a password, is it secure?

Thanks for all the answers!
Pawel

Never have tried reverse-engineering a HMI or tft file to check this out. But they say (and have appropriate warnings in the editor about that) that lost passwords can’t be recovered, even not by them which makes me pretty confident.
Afterwards, the question is: Why should someone try to crack a password protected HMI file? I mean, it’s a little subsystem firmware, not a bitcoin storage…

Anything can be cracked given the time & motivation to do so. I think the statement “lost passwords can’t be recovered” is more of a guarantee that Nextion ‘support’ won’t help you if you encounter that problem (and any other issue for that matter) It says nothing about the security of the password itself…

I wouldn’t put too much trust in TJC code either way. They probably just hash the password and crc the file…

1 Like

Password-protected pages is a great tool, if the .HMI file is distributed to technicians who only need to upload the new firmware without access to the source code.
I agree locking the entire project kinda makes no sense(but its good to have an option right?).

That’s what I though too…
I preferred to ask if someone actually put some effort and investigated that topic :slight_smile:

Has someone compared a protected vs an unprotected in hex view ?

1 Like