That works as long as you are the only one with access to your computer. If btsync is running on a shared computer, any other user on the computer would also be able to access it. (Other users would also notice that someone else was already running the WebUI on port 8888.) I think ideally, the default mode for btsync would just prompt for a password to use with the WebUI, and generate (and reuse) a default config file stored in user's home directory.