Ability to bypass PrusaLink local account password restrictions.
Since my printer is on an isolated, secured wifi, I'd very much like to bypass password requirements, so I can use whatever password I want, even if it's not as secure as prusa would want. I never plan on allowing anyone else to access the printer, so I see no point in limiting me with these requirements:
Password can't contain spaces on the beggining nor the end and must meet at least one of these options: - Minimal length 8 characters, including one lowercase letter, one uppercase letter and one number - Minimal length 8 characters, including one non-alphanumeric character (e.g. @) - Minimal length 15 characters
I guess what I'm asking is for a checkbox that I could select prior to changing my password that would allow me to use whatever password I want, and bypass the security restrictions (obviously with a huge RED prompt asking me if I'm sure).
RE: Ability to bypass PrusaLink local account password restrictions.
Hi, we disagree about this in the Connect team. If anybody stumbles upon this, like the OPs post, if you want something similar.
I promise nothing, as it stands it has been decided not to allow open access to Link. But data always comes in handy if one would to re-visit an argument. Thank you
RE:
I'm not asking for open access (no password), just the ability to use w/e password I want, and not be forced to use one letter, one number, one symbol, etc...
You could even force the password requirements if the printer is connected to PrusaConnect, but if it isn't (only PrusaLink), then users should be able to bypass password requirements and choose whatever password they want.
RE: Ability to bypass PrusaLink local account password restrictions.
Yup, we just haven't talked about giving the option to bypass password requirements, so i answered with the most similar thing we discussed.
RE: Ability to bypass PrusaLink local account password restrictions.
I am at home with my mini connected to my network using a network cable directly connected to my home network. My browser won't even remember the password for PrusaLink. I can't imagine if I had a couple more printers connected, how irritated I would be having to type in the username and password every time on my isolated network. this is not a big ask to allow me to choose in my own home to not have to use a password to the equipment I own.
RE: Ability to bypass PrusaLink local account password restrictions.
The fact that Prusa does not want to do it is fair point. But that does not mean it can not be done anyway, at least not directly 😉
You can do it outside of the printer via proxying requests, for example using nginx https://github.com/nvtkaszpir/3d-print/tree/main/prusa-link-no-password
See my GitHub and printables.com for some 3d stuff that you may like.
RE: Ability to bypass PrusaLink local account password restrictions.
Sincere thanks.
Although I am not familiar with docker, I look forward to learning.
Thanks again for your reply.
RE: Ability to bypass PrusaLink local account password restrictions.
You don't need docker for that, if you have some linux system just install nginx and add the configs and it should work. Docker just makes it easier to isolate it.
See my GitHub and printables.com for some 3d stuff that you may like.
RE: Ability to bypass PrusaLink local account password restrictions.
yesterday I've added better caching for the content, thus it should mitigate certain issues when browsing usb while printing,
see the bottom section of https://github.com/nvtkaszpir/3d-print/tree/main/prusa-link-no-password
this was tested with Prusa Mini but if someone uses it with other printers (especially Mk4 or Core or XL) then please give me some feedback especially about the urls accessed which could be cached.
See my GitHub and printables.com for some 3d stuff that you may like.
RE: Ability to bypass PrusaLink local account password restrictions.
Hi, we disagree about this in the Connect team. If anybody stumbles upon this, like the OPs post, if you want something similar.
I promise nothing, as it stands it has been decided not to allow open access to Link. But data always comes in handy if one would to re-visit an argument. Thank you
I gotta wonder, who is paying Prusa so much money to ignore the mountainous deluge of customer requests to remove this feature?
Do you have some bulk contracts with someone who thinks digest without SSL is secure?
RE: Ability to bypass PrusaLink local account password restrictions.
One of the issues I see is the browser not accepting the function of autofilling the user/psswd for its own internal security reasons... If primary password managers can't accept the connection as secure, e.g., Edge, Chrome, Firefox, I really have to laugh at the arrogance Prusa thinks it is providing something secure.
Please, offer a switch to disable security on network connections, or provide https and 
a real certificate from a real worldwide certification company.
RE:
The browser warning is a UX issue, not an actual security flaw, since Prusa Link does not forward the browser from HTTP to HTTPS.
In my technical opinion, providing a “real” SSL certificate from a public CA on a local 3D printer web interface is not realistic for several technical reasons:
Public CAs do not issue certificates for private IP addresses (e.g. 192.168.x.x). Without a public DNS name and external reachability, a valid certificate is simply not possible.
Certificates expire (90 days for Let’s Encrypt, ~1 year for others).
This would require:
- automatic certificate renewal,
- ACME challenge support,
- secure key storage,
- and/or regular firmware updates.
I think that embedded devices like 3D printers are not designed to run this kind of infrastructure.
Also, each user would need an individual certificate.
That's because every printer lives in a different local network, behind a different router, usually without public DNS.
There is no scalable way for a manufacturer to provision unique certificates per user.
Certificate issuance requires public reachability or DNS control. A printer in a private LAN behind NAT cannot satisfy these requirements without forcing cloud connectivity and user accounts.
Embedded hardware is not a general-purpose web server. Limited resources and static TLS stacks mean that even with HTTPS, browsers may still complain about ciphers or TLS versions.
HTTPS in a local LAN provides little real security benefit.
If an attacker can intercept traffic inside the LAN, the network is already compromised.
Authentication and firmware security matter far more than a browser “secure” badge.
For these reasons, HTTP or HTTPS with a self-signed certificate is the standard and reasonable solution for local device interfaces.