diff --git a/examples/provisioning/ble_prov/main/app_prov_handlers.c b/examples/provisioning/ble_prov/main/app_prov_handlers.c
index 4a0c0d99a..05dc895dc 100644
--- a/examples/provisioning/ble_prov/main/app_prov_handlers.c
+++ b/examples/provisioning/ble_prov/main/app_prov_handlers.c
@@ -98,10 +98,14 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
 
     ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
              req_data->ssid, req_data->password);
-    memcpy((char *) wifi_cfg->sta.ssid, req_data->ssid,
-           strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid)));
-    memcpy((char *) wifi_cfg->sta.password, req_data->password,
-           strnlen(req_data->password, sizeof(wifi_cfg->sta.password)));
+
+    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+     * But this doesn't guarantee that the saved SSID will be null terminated, because
+     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
+     * Although, this is not a matter for concern because esp_wifi library reads the SSID
+     * upto 32 bytes in absence of null termination */
+    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
     return ESP_OK;
 }
 
diff --git a/examples/provisioning/console_prov/main/app_prov_handlers.c b/examples/provisioning/console_prov/main/app_prov_handlers.c
index 49c29739f..e3fa61496 100644
--- a/examples/provisioning/console_prov/main/app_prov_handlers.c
+++ b/examples/provisioning/console_prov/main/app_prov_handlers.c
@@ -98,10 +98,14 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
 
     ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
              req_data->ssid, req_data->password);
-    memcpy((char *) wifi_cfg->sta.ssid, req_data->ssid,
-           strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid)));
-    memcpy((char *) wifi_cfg->sta.password, req_data->password,
-           strnlen(req_data->password, sizeof(wifi_cfg->sta.password)));
+
+    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+     * But this doesn't guarantee that the saved SSID will be null terminated, because
+     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
+     * Although, this is not a matter for concern because esp_wifi library reads the SSID
+     * upto 32 bytes in absence of null termination */
+    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
     return ESP_OK;
 }
 
diff --git a/examples/provisioning/custom_config/main/app_prov.c b/examples/provisioning/custom_config/main/app_prov.c
index 6ed3df19a..1bd773386 100644
--- a/examples/provisioning/custom_config/main/app_prov.c
+++ b/examples/provisioning/custom_config/main/app_prov.c
@@ -327,13 +327,13 @@ static esp_err_t start_wifi_ap(const char *ssid, const char *pass)
     };
 
     strncpy((char *) wifi_config.ap.ssid, ssid, sizeof(wifi_config.ap.ssid));
-    wifi_config.ap.ssid_len = strlen(ssid);
+    wifi_config.ap.ssid_len = strnlen(ssid, sizeof(wifi_config.ap.ssid));
 
     if (strlen(pass) == 0) {
         memset(wifi_config.ap.password, 0, sizeof(wifi_config.ap.password));
         wifi_config.ap.authmode = WIFI_AUTH_OPEN;
     } else {
-        strncpy((char *) wifi_config.ap.password, pass, sizeof(wifi_config.ap.password));
+        strlcpy((char *) wifi_config.ap.password, pass, sizeof(wifi_config.ap.password));
         wifi_config.ap.authmode = WIFI_AUTH_WPA_WPA2_PSK;
     }
 
diff --git a/examples/provisioning/custom_config/main/app_prov_handlers.c b/examples/provisioning/custom_config/main/app_prov_handlers.c
index c67eeebca..2f320890e 100644
--- a/examples/provisioning/custom_config/main/app_prov_handlers.c
+++ b/examples/provisioning/custom_config/main/app_prov_handlers.c
@@ -110,10 +110,14 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
 
     ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
              req_data->ssid, req_data->password);
-    memcpy((char *) wifi_cfg->sta.ssid, req_data->ssid,
-           strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid)));
-    memcpy((char *) wifi_cfg->sta.password, req_data->password,
-           strnlen(req_data->password, sizeof(wifi_cfg->sta.password)));
+
+    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+     * But this doesn't guarantee that the saved SSID will be null terminated, because
+     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
+     * Although, this is not a matter for concern because esp_wifi library reads the SSID
+     * upto 32 bytes in absence of null termination */
+    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
     return ESP_OK;
 }
 
diff --git a/examples/provisioning/softap_prov/main/app_prov.c b/examples/provisioning/softap_prov/main/app_prov.c
index 79c1e0da0..23e030415 100644
--- a/examples/provisioning/softap_prov/main/app_prov.c
+++ b/examples/provisioning/softap_prov/main/app_prov.c
@@ -314,13 +314,13 @@ static esp_err_t start_wifi_ap(const char *ssid, const char *pass)
     };
 
     strncpy((char *) wifi_config.ap.ssid, ssid, sizeof(wifi_config.ap.ssid));
-    wifi_config.ap.ssid_len = strlen(ssid);
+    wifi_config.ap.ssid_len = strnlen(ssid, sizeof(wifi_config.ap.ssid));
 
     if (strlen(pass) == 0) {
         memset(wifi_config.ap.password, 0, sizeof(wifi_config.ap.password));
         wifi_config.ap.authmode = WIFI_AUTH_OPEN;
     } else {
-        strncpy((char *) wifi_config.ap.password, pass, sizeof(wifi_config.ap.password));
+        strlcpy((char *) wifi_config.ap.password, pass, sizeof(wifi_config.ap.password));
         wifi_config.ap.authmode = WIFI_AUTH_WPA_WPA2_PSK;
     }
 
diff --git a/examples/provisioning/softap_prov/main/app_prov_handlers.c b/examples/provisioning/softap_prov/main/app_prov_handlers.c
index 4a0c0d99a..05dc895dc 100644
--- a/examples/provisioning/softap_prov/main/app_prov_handlers.c
+++ b/examples/provisioning/softap_prov/main/app_prov_handlers.c
@@ -98,10 +98,14 @@ static esp_err_t set_config_handler(const wifi_prov_config_set_data_t *req_data,
 
     ESP_LOGI(TAG, "WiFi Credentials Received : \n\tssid %s \n\tpassword %s",
              req_data->ssid, req_data->password);
-    memcpy((char *) wifi_cfg->sta.ssid, req_data->ssid,
-           strnlen(req_data->ssid, sizeof(wifi_cfg->sta.ssid)));
-    memcpy((char *) wifi_cfg->sta.password, req_data->password,
-           strnlen(req_data->password, sizeof(wifi_cfg->sta.password)));
+
+    /* Using strncpy allows the max SSID length to be 32 bytes (as per 802.11 standard).
+     * But this doesn't guarantee that the saved SSID will be null terminated, because
+     * wifi_cfg->sta.ssid is also 32 bytes long (without extra 1 byte for null character).
+     * Although, this is not a matter for concern because esp_wifi library reads the SSID
+     * upto 32 bytes in absence of null termination */
+    strncpy((char *) wifi_cfg->sta.ssid, req_data->ssid, sizeof(wifi_cfg->sta.ssid));
+    strlcpy((char *) wifi_cfg->sta.password, req_data->password, sizeof(wifi_cfg->sta.password));
     return ESP_OK;
 }