diff --git a/data/index.html b/data/index.html
index 2bff2d0..bf8a6b9 100644
--- a/data/index.html
+++ b/data/index.html
@@ -102,6 +102,9 @@
                 
                 <label for="tx_empty_queue">Clear Transmit-Queue after TX</label>
                 <input type="checkbox" name="tx_empty_queue"/>
+                
+                <label for="webserver_protect">Protect Web-Interface with AP-SSID/Pass</label>
+                <input type="checkbox" name="webserver_protect"/>
 
                 <label for="pocsag_german">German POCSAG</label>
                 <input type="checkbox" name="pocsag_german"/>
diff --git a/include/config.h b/include/config.h
index 8d05b85..b5c7a27 100644
--- a/include/config.h
+++ b/include/config.h
@@ -65,6 +65,7 @@ typedef struct {
     char device_name[33];
     // oled
     int oled_timeout;
+    bool webserver_protect;
 } cfg_t;
 
 void setup_storage(cfg_t *out);
diff --git a/include/webserver.h b/include/webserver.h
index 6e220b4..0cf918f 100644
--- a/include/webserver.h
+++ b/include/webserver.h
@@ -1,5 +1,6 @@
 #if !defined(_WEBSERVER_H)
     #define _WEBSERVER_H
+    #include <config.h>
 
     static void redirectHomeResponse(AsyncWebServerRequest *request);
     //
@@ -21,5 +22,6 @@
     static void justReboot(AsyncWebServerRequest *request);
     static void resetConfigReboot(AsyncWebServerRequest *request);
     void webserver_setup();
+    void webserver_setup(cfg_t *cfg);
 
 #endif
\ No newline at end of file
diff --git a/platformio.ini b/platformio.ini
index 46fb5d9..5cdf2f6 100644
--- a/platformio.ini
+++ b/platformio.ini
@@ -43,8 +43,6 @@ lib_deps =
 	bblanchon/ArduinoJson@^7.3.1
 	knolleary/PubSubClient@^2.8
 	thingpulse/ESP8266 and ESP32 OLED driver for SSD1306 displays@^4.6.1
-monitor_speed = 115200
-upload_speed = 921600
 
 
 [env:ttgo-lora32-v2_nodwd_mowas_noscreen]
@@ -56,6 +54,8 @@ lib_deps = ${common.lib_deps}
 ; build_flags =
 ; 	-flto
 board_build.embed_txtfiles = ${common.board_build.embed_txtfiles}
+monitor_speed = 115200
+upload_speed = 921600
 
 [env:ttgo-lora32-v2_dwd_mowas_noscreen]
 build_flags =
@@ -68,6 +68,8 @@ framework = arduino
 board = ttgo-lora32-v2
 board_build.mcu = esp32
 board_build.embed_txtfiles = ${common.board_build.embed_txtfiles}
+monitor_speed = 115200
+upload_speed = 921600
 
 [env:ttgo-lora32-v2_dwd_mowas_screen]
 build_flags =
@@ -81,3 +83,5 @@ framework = arduino
 board = ttgo-lora32-v2
 board_build.mcu = esp32
 board_build.embed_txtfiles = ${common.board_build.embed_txtfiles}
+monitor_speed = 115200
+upload_speed = 921600
\ No newline at end of file
diff --git a/src/config.cpp b/src/config.cpp
index 186c636..0a48434 100644
--- a/src/config.cpp
+++ b/src/config.cpp
@@ -138,15 +138,18 @@ void read_config(cfg_t *out) {
         int oled_timeout = doc["oled_timeout"].as<int>();
         out->oled_timeout = oled_timeout;
     }
+    if (doc["webserver_protect"].is<bool>()) {
+        bool webserver_protect = doc["webserver_protect"].as<bool>();
+        out->webserver_protect = webserver_protect;
+    }
+
+    
     Serial.println("Loaded Configuration:");
     Serial.printf("AP SSID: %s\n", out->ap_ssid);
     Serial.printf("AP Password: %s\n", out->ap_pass);
     Serial.printf("1. SSID: '%s'\n", out->wifi1_ssid);
-    Serial.printf("1. Password: '%s'\n", out->wifi1_pass);
     Serial.printf("2. SSID: '%s'\n",out->wifi2_ssid);
-    Serial.printf("2. Password: '%s'\n",out->wifi2_pass);
     Serial.printf("MQTT Host/Port: '%s':%d\n", out->mqtt_host, out->mqtt_port);
-    Serial.printf("User/Password: '%s':'%s'\n",out->mqtt_user, out->mqtt_pass);
     Serial.printf("Topic: '%s'\n",out->mqtt_topic);
     Serial.println();
     Serial.printf("German POCSAG: %d\n", out->pocsag_german);
@@ -219,6 +222,7 @@ void create_default_config() {
     doc["pocsag_german"] = false;
     doc["oled_timeout"] = 2;
     doc["device_name"] = "smartPOC";
+    doc["webserver_protect"] = false;
     File file = SPIFFS.open(ConfigFilePath, "w");
     if (!file) {
         Serial.println("Failed to open config file for writing");
diff --git a/src/main.cpp b/src/main.cpp
index c781afa..31722a4 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -63,7 +63,7 @@ void setup()
   #endif
   //
   setup_network();
-  webserver_setup();
+  webserver_setup(&globcfg);
   setup_mqtt();
   setup_broadcasts();
   // memdebug
diff --git a/src/webserver.cpp b/src/webserver.cpp
index 846c461..72fc583 100644
--- a/src/webserver.cpp
+++ b/src/webserver.cpp
@@ -60,6 +60,8 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
 }
 //
   static void insertPage(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     uint32_t address = 0;
     int ric = -1;
     int fun = 0;
@@ -98,25 +100,35 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
   }
   
   static void transmit(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     txControllerBatchStart();
     redirectHomeResponse(request, "/");
   }
   static void clearQueue(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     redirectHomeResponse(request, "/");
   }
   static void resetConfigReboot(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     redirectHomeResponse(request, "/");
     create_default_config();
     esp_cpu_reset(1);
     esp_cpu_reset(0);
   }
   static void justReboot(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     redirectHomeResponse(request, "/");
     esp_cpu_reset(1);
     esp_cpu_reset(0);
   }
   //
   static void setAPCfg(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     String ssid, pass;
     //
     if (request->hasArg("ssid")) ssid = request->arg("ssid");
@@ -128,6 +140,8 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
     redirectHomeResponse(request, "/#wifi");
   }
   static void setWifi1Cfg(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     String ssid, pass;
     //
     if (request->hasArg("ssid")) ssid = request->arg("ssid");
@@ -139,6 +153,8 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
     redirectHomeResponse(request, "/#wifi");
   }
   static void setWifi2Cfg(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     String ssid, pass;
     //
     if (request->hasArg("ssid")) ssid = request->arg("ssid");
@@ -151,6 +167,8 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
   }
   //
   static void setTransmitterCfg(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     float tx_freq, tx_dev;
     int tx_power, tx_baud;
     bool tx_empty_queue, pocsag_german;
@@ -183,11 +201,19 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
       cfg_adjust("pocsag_german", pocsag_german);
     } else {
       cfg_adjust("pocsag_german", false);
-    }    
+    } 
+    if (request->hasArg("webserver_protect")) {
+      bool webserver_protect = request->arg("webserver_protect").equals("on");
+      cfg_adjust("webserver_protect", webserver_protect);
+    } else {
+      cfg_adjust("webserver_protect", false);
+    }
     cfg_write();
     redirectHomeResponse(request, "/#config");
   }
   static void setMQTTCfg(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     String mqtt_host, mqtt_user, mqtt_pass, mqtt_topic;
     int mqtt_port;
     //
@@ -284,6 +310,8 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
   #endif
   //
   static void setTimebeacon(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     int time_ric, time_fun;
     bool time_enable;
     int time_interval, time_mode;
@@ -319,6 +347,8 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
     redirectHomeResponse(request, "/#timebeacon");
   }
   static void setIdlebeacon(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     bool idle_enable;
     int idle_interval, idle_mode;
     cfg_startTransaction();
@@ -341,6 +371,8 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
   }
   //
   static void setDevCfg(AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     int oled_timeout;
     //
     cfg_startTransaction();
@@ -356,14 +388,18 @@ static void redirectHomeResponse(AsyncWebServerRequest *request, String location
     redirectHomeResponse(request, "/#config");
   }
 //
-void webserver_setup() {
-  // ws.onEvent(onEvent);
-  // server.addHandler(&ws);
+bool webserver_protecc;
+char *webserver_user;
+char *webserver_pass;
+void webserver_setup(cfg_t *cfg) {
+  webserver_protecc = cfg->webserver_protect;
+  webserver_user = cfg->ap_ssid;
+  webserver_pass = cfg->ap_pass;
 
-  // // attach AsyncEventSource
-  // server.addHandler(&events);
   server.on("/", HTTP_GET, [](AsyncWebServerRequest *request)
-  {
+    {
+      if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+        return request->requestAuthentication();
     AsyncWebServerResponse *response = request->beginResponse_P(
         200, "text/html", data_index_html_start,
         data_index_html_end - data_index_html_start - 1);
@@ -387,6 +423,8 @@ void webserver_setup() {
     request->send(response);
   });
   server.on("/config.json", HTTP_GET, [](AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     String output = cfg_tostring();
     AsyncWebServerResponse *response =
         request->beginResponse(200, "application/json", output);
@@ -394,6 +432,8 @@ void webserver_setup() {
     request->send(response);
   });
   server.on("/contacts.json", HTTP_GET, [](AsyncWebServerRequest *request) {
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     String output = contacts_tostring();
     AsyncWebServerResponse *response =
         request->beginResponse(200, "application/json", output);
@@ -401,6 +441,8 @@ void webserver_setup() {
     request->send(response);
   });
   server.on("/contacts.json", HTTP_POST, [](AsyncWebServerRequest * request){
+    if (webserver_protecc && !request->authenticate(webserver_user, webserver_pass))
+      return request->requestAuthentication();
     if (request->hasParam("body", true)) { // This is important, otherwise the sketch will crash if there is no body
       contacts_write(request->getParam("body", true)->value());
       request->send(200, "text/plain", "ok\n");