Notes from ESP8266 SSL connections down using Blynk_WiFiManager
This so-called "insecured mode"
- permits you to actually connect to a TLS server (port 443,9443, etc., especially with expired CA Certs such as Blynk Cloud). It won’t let you connect to plain non-SSL server because full encryption is still required.
- You never have to worry about CA Certs’ update and to include every trusted CA root certificate of every TLS server
- Still requires encryption. It just does not validate the certificate or fingerprint. Insecure because we could be subject to a MITM (Man-In-The-Middle) attack.
- It’s still much better than plain non-SSL mode which just communicates using no encryption at all.
So this is the much better choice.