Right now, the light bulb has to be put into paring mode where it broadcasts an open wifi network through which you give it the credentials for your wifi. This exposes your password from being discovered by packet sniffers. If each lightbulb had a randomnly generated QR code password in manufacturing that is scanned by the phone’s camera, this would eliminate the risk as the password isn’t transmitted in the clear at any point during setup. This QR code setup method should be used for all devices including cameras, similar to Nest.
Here’s something else to be paranoid about. When the bulb no longer works and you throw it away, someone could open it up and extract the wifi password from it physically. Or just steal one of your working bulbs. Anything is possible.
But I’m not losing any sleep over it.
I would reset the bulb before discarding.
That would be much easier. I was only able to get 1 of 4 bulbs set up after hours of messing with it. The connection kept timing out. There is a square code on the bulb and the box but nothing happened when I tried using the phone camera to scan it as a last resort.
In case you or someone else hasn’t resolved this already, make sure mobile data on your phone is disabled during setup. Otherwise your phone wants to swap the no internet connection of the bulb’s wifi with your mobile data that does have internet. Hopefully this fixes it. Was my problem with 4 bulbs before it dawned on me that I’ve run into this type of problem before.