Robert Smith 1 Posted November 23, 2022 Share Posted November 23, 2022 (edited) Good morning, The dark web is riddled with databases from hacked forums. All it takes is a zero-day exploit to download a forum database. I am surprised that the mechanism being used to manage Emby Connect users is forum registration. Even with salted passwords, it is simply bad practice. I recommend separating user credential that pertains to accessing a server from the Emby community forum. At the bare minimum, I would look into offering MFA, which would offer protection from unauthorized users gaining access to an account and servers. Edited November 23, 2022 by Robert Smith Link to comment Share on other sites More sharing options...
ebr 14903 Posted November 23, 2022 Share Posted November 23, 2022 1 hour ago, Robert Smith said: I recommend separating user credential that pertains to accessing a server from the Emby community forum Hi. You already have this ability. Using Connect is completely optional. You can just use your own user authentication that exists only on your server. Link to comment Share on other sites More sharing options...
Robert Smith 1 Posted November 24, 2022 Author Share Posted November 24, 2022 (edited) What about if I want to purchase premier, don't I need to have an account here to do so? I would imagine the email provided to purchase the premier license has to be in your database. I appreciate the ability to creating local accounts, but that does not negates the concerns I shared. Using a forum to manage registration to features that could give someone access to my server is bad, bad practice. I am not saying that to be rude, I just started using Emby and purchased a lifetime license. Love the product! Edited November 24, 2022 by Robert Smith Link to comment Share on other sites More sharing options...
Luke 37008 Posted November 24, 2022 Share Posted November 24, 2022 12 minutes ago, Robert Smith said: What about if I want to purchase premier, don't I need to have an account here to do so? I would imagine the email provided to purchase the premier license has to be in your database. I appreciate the ability to creating local accounts, but that does not negates the concerns I shared. Using a forum to manage registration to features that could give someone access to my server is bad, bad practice. I am not saying that to be rude, I just started using Emby and purchased a lifetime license. Love the product! Hi, no, you do not need to have a forum account for Emby Premiere. 1 Link to comment Share on other sites More sharing options...
Robert Smith 1 Posted November 24, 2022 Author Share Posted November 24, 2022 Thanks for the clarification. Link to comment Share on other sites More sharing options...
Luke 37008 Posted November 24, 2022 Share Posted November 24, 2022 8 minutes ago, Robert Smith said: Thanks for the clarification. The forum and Emby Connect use the same login system, so they are tied together, but they are not a requirement to purchase Emby Premiere or use Premiere features. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now