Ok, I admit, I am a bit of a security freak (professional deformation, I guess ) but it really would be great to have following options available in web UI:
- possibility to change “pi” user’s password - leaving it at default is a security disaster in a shared network (unless we are ok with our little Pi being a part of some botnet or/and mining for bitcoins)
- setting and changing the password of MPD server - so not everybody who has access to my network can mess with my playlists etc.
While there is an easy workaround for the first issue (changing password via SSH) the other one is more problematic (applying new settings from web UI will overwrite manual changes in /etc/mpd.conf).
Web UI authentication is also a must (it may be optional but it must be available). Currently anyone in my network can change settings like currently used DAC, add and remove NASes, change audio buffer size, refresh MPD database over and over etc. Right now maybe this isn’t much but in the future, as more options will come, it may be even possible to damage some else’s hardware.
This may all sound like serious case of paranoia, but some of those are really serious security issues, please don’t belittle those and stay safe!