Hacker News
by kweinber 1895 days ago
It seems the hackers currently in your network must value those same features. Very convenient.

I don't use a UI.com account to connect to the UniFi controller I host (as I don't need their inconsistently working NAT traversal to get to my controller); hopefully the networks I support are safe due to not being entangled with Ubiquiti's cloud infrastructure.

Anyone who is forced to get a UI.com account (e.g., UniFi Dream Machine and UDM-Pro owners) should change their credentials and do a factory reset on their routers and Access Points ASAP.

> do a factory reset on their routers and Access Points ASAP

This is a miserable user experience. If you do a reset and don’t know the SSH password on APs or cameras you get to spend a hellish few hours crawling through ceiling insulation, climbing ladders and physically resetting devices. It’s so shit. I’ve just done it, but not due to security concerns, but instead because of a UDM-P crapping out randomly.

This is why I like having the controller in a virtual machine offsite. Factory resetting the router and pairing it to the same site in the separate controller gets me back to the same exact place I expect to be.

With the UDM series, the integrated controller ensures you lose everything if you have to factory reset, site-to-site VPNs have to be manually configured, and numerous other minor annoyances crop up (like UI.com not always being able to connect to the controller).

> If you do a reset and don’t know the SSH password on APs or cameras

Whose fault is that if you don't have it? First thing I do when I set a new site up is record all the vital information like that for when I will inevitably need to recover stuff.

It should be standard backup/disaster recovery practice - for ANY system. Making sure you have critical information BEFORE you really need it is preparedness 101.