You have:

  1. A Roomba vacuum. (I was working with an i-series when I wrote this. Maybe this applies to other models as well.)
  2. A firewall or router between your Roomba and your mobile device. (Maybe the two are on different wifi networks as would be the case if you have a network set aside for IoT devices.)
  3. An iRobot app that gets stuck at Verify password when setting up the Roomba.

Bear in mind, the only people who know all the reasons the app could get stuck on Verify password are iRobot people. With a little bit of forensics on my i3 unit, I found and fixed at least one reason. Perhaps this will help you, too.

After joining the Romba's wifi network, the app switches back to the mobile device's regular wifi network and attempts to talk to the Roomba by:

  1. Sending a broadcast and then a unicast message to UDP port 5678 to discover the Roomba. Because the Roomba is on a different subnet, it doesn't see that message and doesn't send back whatever response the app is expecting.
  2. Using the discovered Roomba's IP address, connecting to the Roomba on TCP port 8883 (for MQTT messaging).

If either of these connections are blocked or otherwise don't reach the Roomba, the app will get stuck at Verify password.

As an alternative to changing the network to allow these messages, I suspect you could also join your mobile device to the same network as the Roomba, do the setup, and then put your device back in its regular network.

The specifics of how you change the network to allow these connections will depend on your equipment. A sample using OpenBSD pf(4) is shown below.

iot_interface = "vlan101"
iot_network = ""
mobile_interface = "vlan102"
mobile_network = ""
roomba = ""

# Redirect discovery messages to the Roomba. Discovery messages have two forms:
#  1. Sent to the mobile network's firewall/router IP address.
#  2. Sent to the mobile network's broadcasat address.
pass in on $mobile_interface inet proto udp from $mobile_network \
       to $mobile_interface port 5678 \
       rdr-to $roomba
pass in on $mobile_interface inet proto udp from $mobile_network \
       to $mobile_interface:broadcast port 5678 \
       rdr-to $roomba

# Permit MQTT messaging.
pass in on $mobile_interface inet proto tcp from $mobile_network  \
       to $roomba port 8883

Once the setup process is complete, you can remove these changes from the network. The app still tries to discover the Roomba and connect to it using MQTT, but it must fall back to using the cloud to communicate because, in my experience, nothing seemed to break if these local connections are blocked after setup.