Following Steve Copes "How to install the Mosquitto Broker on Windows", I created a password.txt file and encrypted it using the mosquiito_passwd utility.
Then I edited the mosquitto.conf file by uncommenting allow_anonymous and setting to false, and uncommenting password_file and setting the path of my password.txt file (In the same folder as mosquitto.conf)
Using MQTT Explorer I am able to log into the broker using the credentials in my password.txt file, but I am also able to still log in leaving user and password blank.
I've seen similar questions being asked here, but I can't find any solutions that have worked, please point me in the right direction. I'am using mosquitto 2.0.14 x64 on Windows 10
Edit:
Only edit done to mosquitto.conf is uncommenting the lines as follows:
# acl_file
allow_anonymous false
# allow_zero_length_clientid
# auto_id_prefix
password_file C:\Users\'MyName'\mosquitto\password.txt
# plugin
# plugin_opt_*
# psk_file
Solution Found: Adding 'listener 1883' before allow_anonymous false has got it working although I am unsure why that makes a difference. Config file as follows:
# acl_file
listener 1883
allow_anonymous false
# allow_zero_length_clientid
# auto_id_prefix
password_file C:\Users\'MyName'\mosquitto\password.txt
# plugin
# plugin_opt_*
# psk_file