Port forwarding Mosquitto MQTT

Configuration
1

So i have portforwarded my Mosquitto MQTT Broker with a username & password. I see a lot of people saying this is not “safe” but i dont get why tbh.

yes anyone can post to it. But they need a password/username. And i am using the payed subscription for remote acces. I only got the mqtt port portforwarded?

2

Can you please specify which port did you forward? And what do you mean with payed subscription?

3

Because your user and password are probably in plain text.