It would be great to have some basic password protection - a user profile probably isn’t necessary, but some minimal security for the UI would be nice. Has any thought been given to this? I don’t really know React, so I’m not sure how complex a task this would be, but I might try to see if I can get something basic working.
It’s on the roadmap, certainly. We do want simple user and admin profiles. We need to get https working first (otherwise sending password from browser → server is useless).
I’ll attempt to set up a temporary simple solution for the next release though.
I’ve developed an alpha-version of a plugin to add basic-auth to the UI. It relies on some edits to the webserver and OS, but that’s all done automatically. Give it a try and let me know if you encounter any problems 
Edit: oh, you’ll need some changes to core, too. So run pio update app -b develop first. These changes will be in all releases after version 23.6.27.
Details and instructions here: GitHub - Pioreactor/pioreactor-basic-auth-for-ui