Is it ok to have the same password on all machines for the Web GUI? I mean, it’s better than no password on all machines. Having different passwords is even better, but less convenient. So, I’m asking about this trade-off. How much this convenience decreases security?
It’s always better to use different passwords, however with Syncthing and WebGUI specifically, it also depends whether access to the GUI is limited to the local machine (localhost) or whether it can be accessed remotely. By default, only local access is allowed, so as long as the device itself is protected with a password and you’re the only user, then you don’t really need to set up any password for Syncthing at all.
If you do want to enable remote access, then it’s basically the same as with other network-enabled devices - different passwords per device are more secure than re-using the same one.
1 Like