Thank you very much!Winbox uses a variant of SRP to establish a secure, encrypted communication channel. Username is sent in plain text as part of identity verification process to deny possible MITM attacks. The password is not and never was sent in plain text.
https://en.wikipedia.org/wiki/Secure_Re ... d_protocol
Article describes protection against remote brute force attackers. If your attacker already has capability to sniff your traffic, you are in bigger trouble and username changing is not going to help. Therefore all the other suggestions come into play (like limiting number of logins per minute, having a hard to guess password and limiting access from certain ports/IP addresses.Thanks Emils for quick response in both ticket reply and here. I really appreciate it.
I will not pretend that I understand how that protocol works. I can only believe it really is secure against MITM. However, it feels like being against recommended way to secure the router: https://wiki.mikrotik.com/wiki/Manual:S ... s_username
If someone has direct access(as written in the article), they can easily discover the username (because it is sent in plain-text) and therefore changing default username will make no difference, right?