The point is:
Do not matter what protocol you use,
if you not use certificates for login instead of have strong crypto for only hide admin/123456
and you do not close to all IPv4/IPv6, except one/two addresses, all is still possible...
Is like you do not read this...
If you use TLS 666.4 with eliptic curve with 657168798671687687 bit
everyone CAN connect in any case to the device, because all this cripto is only for secure the data exchanged to config page, instead of the possibility to connection
is all U.S.E.L.E.S.S.
understand my point?
And also, if you put this effort to protect the config data to a device, without protect "all readable" wifi emission, passing data on ptp "cleartext", is right?
The right point of view is:
my wireless emission are crypted?
if someone "cut" the ethernet cable and put between another device, the traffic is readable?
if someone reach the config page of the device, is here anyting can cause compromise?
Sorry, I'm not english and have some problem to express what exactly I mean.