Implementing an authentication system based on 3 questions for users of a MikroTik hotspot requires specific customization of the hotspot login page.

MikroTik allows you to completely customize the pages that users see when they connect to the hotspot, including the login page.

Here is a general approach on how you can achieve this:

Step 1: Access Hotspot Files

First, you need to access the hotspot configuration files. This can be done through WinBox or via FTP/SSH.

• In WinBox: Go to Files, and you will find a folder called Hotspot. Inside this folder will be all the files related to your hotspot, including the login page (login.html).

Step 2: Modify the Login Page

To add security questions to the login process, you will need to edit the file login.html (or the file used as the login page, which may vary depending on your configuration). You will need basic knowledge of HTML and possibly JavaScript to make these modifications.

1. Add Questions: Incorporate the three questions directly into the HTML code. You can use form fields (<input> o <select>) for users to respond.
2. Response Validation: To validate responses, you can use JavaScript. The idea is to check that the answers are correct before allowing the form to be submitted. Please note that this validation method is visible to the user and should not be used for sensitive or security-critical information.
3. Modify the Shipping Process: Make sure the form is only submitted if the answers are correct. This can be done by intercepting the form's submit event with JavaScript.

Step 3: Upload Modified Files

Once you have modified the login page according to your needs, you must upload the modified file back to your MikroTik file system.

• Use WinBox or an FTP/SSH connection to upload the file login.html modified to the hotspot folder.

Step 4: Test the Hotspot

After uploading your changes, it is crucial to test the hotspot's operation:

1. Connect to the Hotspot: Use a device that is not currently authenticated.
2. Answer the questions: Try to access the internet by answering the questions implemented.
3. Verify the Connection: Make sure that the Internet connection is enabled only after you answer the questions correctly.

Security Considerations

• Client-side validation (JavaScript) is useful for functionality and user interaction but is not safe for validating sensitive information as it can be easily altered or bypassed. For critical issues, you should implement server-side validations.
• Consider the privacy and sensitivity of the questions you ask. Because this implementation is not secure, you should not use questions that require answers that could compromise the user's security or privacy if intercepted.

This approach is basic and is intended to add an extra layer of interaction before Internet access on a MikroTik hotspot.

For more complex or secure implementations, you may need more advanced customizations or even develop a backend system that handles authentication more securely.