The problem with this approach is, that some devices for example an iPhone are changing their bluetooth device address every 30 minutes. So whitlisting specific device addresses will not work with iPhones and other client devices.

>You can opt for limited discovery , where advertising is done only for limited period of time. After that advertising stops, so remote devices cannot find your device or initiate connection. The problem when opting in for limited discovery the ESP32 will only be visible for 30 seconds and after tha...

Ok, i found a way to restrict access to characteristics only for paired devices: You have to set the characteristics flags to: BLE_GATT_CHR_F_WRITE | BLE_GATT_CHR_F_WRITE_ENC (you have to use BOTH to make it work) One Question still remains: You said that you allow every device to connect to you ESP...

I've configured ble_hs_cfg with your settings, and now I'm asked to enter a PIN when I'm training to bond with the ESP32-S3. BUT the strange thing is, I'm still able to connect to the ESP32-S3 (without bonding) and I can use the Service-Characteristics (read/write values) of the ESP32-S3 through the...

Thanks I've tried bonding with the ESP32-S3 using the https://www.nordicsemi.com/Products/Development-tools/nRF-Connect-for-mobile app. The app shows that the ESP32-S3 was bonded, but the output of ESP32-S3 sill shows bonded=0: I (173106) NimBLE: connection established; status=0 I (173106) NimBLE: h...

Good to hear that storing bonding in NVS is already working. I don't want to disable bluetooth completely as it should be available for an already bonded device at any time. It should not be possible for any other device to connect to the ESP32-S3 without pressing the pairing-button first. An alread...

Thank you, eriksl, that makes a lot of sense! So wouldn't it be possible to allow pairing only for 30 seconds when pressing a button? So that a 5 digit pin would be secure enough if you only have 30 seconds to pair? An once a device is paired, you disable pairing except when you press the button aga...

Thanks for your elaboration! Your method of using a secret handshake after connection is a feasible workaround but isn't there a problem, that when somebody has paired with your device before, you cannot connect to the device because it is already paired? It's hard believe that there is no out-of-th...

I came across this post as I also need a method to make NimBLE secure for unauthorized access. Currently everyone within reach of my ESP32-S3 is able to connect and manipulate my ESP32-S3 NimBLE application. Is there a way to allow pairing only once for 30 seconds only after pressing a button? So th...

Hi, I've written an application based on the NimBLE Peripheral Example (exampled\bluetooth\nimble\bleprph) and connection and exchanging data works fine. My only problem is, that every device in the range of the ESP32-S3 is able to connect, which is a big security issue. What is the conventional met...