Jump to content

Support for both strong and weak passwords on a per-client basis?


TheShanMan

Recommended Posts

TheShanMan

I would like to use strong passwords for exposing my server to the internet for mobile clients, but I also want to support the 10 foot experience at home, where I like to use a 4 digit password for parents' content and no password for kids' content. Is there any chance of a feature to support this scenario? Basically, I'd like 2 passwords per user where the strong passwords are required for all clients except whitelisted clients (my TV), which would accept the weak passwords.

  • Like 8
Link to comment
Share on other sites

Not sure what "paw" is but I'm glad to hear it and I look forward to the implementation! Thanks!

 

Auto-correct on a phone :)

Link to comment
Share on other sites

  • 1 month later...
TheShanMan

Just curious - with the recent big server release out of the way, will this feature be coming sooner rather than later? It would be nice to have better security as soon as possible. :)

Link to comment
Share on other sites

uspider7

+1 for me as well, I currently don't expose my setup because I don't want to setup pwd for clients within my network, but outside is a must.

Link to comment
Share on other sites

  • 1 month later...
  • 2 weeks later...
kingy444

Yea I agree on this too. I would like the option to when at home use no password or pin (just like to auto load) but then when I am out of the house lock down content to a secure password (some people may like just a pin I guess).

 

Additionally to this I would want the option in users to disable remote access all together for some users. So user 1 & 2 have unvetted access at home but only user 2 is granted remote login rights

  • Like 2
Link to comment
Share on other sites

jhoff80

Additionally to this I would want the option in users to disable remote access all together for some users. So user 1 & 2 have unvetted access at home but only user 2 is granted remote login rights

 

Agreed entirely.

Link to comment
Share on other sites

  • 3 weeks later...
lobo683

I agree with the 2 things :

 

1-The Option of having the users to Not require passwords when using the Internal network but it would be required when outside of the Lan.

2-The Option to disable certain users from being able to access the server from outside the Lan. 

Link to comment
Share on other sites

  • 3 weeks later...
  • 4 weeks later...

I agree with the 2 things :

 

1-The Option of having the users to Not require passwords when using the Internal network but it would be required when outside of the Lan.

2-The Option to disable certain users from being able to access the server from outside the Lan. 

 

i like that idea too

Link to comment
Share on other sites

  • 3 weeks later...
TheShanMan

Yeah, I've been wondering if anything is going to come of this too.

 

In response to the talk of an option to have no password internally but a password externally, I want to reiterate that it's important to have the option to also have one internal password and another external password. For a parent's account which is restricted from kids, internally I definitely want a simple password but externally I want a complex password.

Link to comment
Share on other sites

TheShanMan

Another thought comes to mind. Now there's this concept of client keys (not sure if that's the right name). A possible alternative to the dual passwords might be to have a setting to disallow unknown clients by default and require a pairing/whitelisting process for a new client to be allowed to access the server. Or maybe clients on internal IP's could automatically get whitelisted and then when such clients connect via external IP, they are automatically allowed but any other clients would be denied access.

 

I don't know what the vision is for client keys so maybe it doesn't fit with the vision but just throwing it out there since the real goal here is preventing unauthorized external access.

Link to comment
Share on other sites

  • 2 weeks later...
TheShanMan

I see the latest release allows you to not require a password for local access. Is more functionality in this area coming? That simply isn't enough. I need 2 passwords - one simple one for local access and one complex one for internet access. I don't want to remove my local password because my account is restricted from the kids.

Link to comment
Share on other sites

MrWebsmith

I would assume like many of our features it will be worked on and refined as we move forward.

Link to comment
Share on other sites

nydude25

Using passwords for access to the server from outside your local network seems to be generally wanted.

 

But for accounts on your own local LAN, you won't need passwords since local users already have physical access to the server, so anyone looking to gain access to the media will be able to anyway.

 

Having MB require a password to access your movies each time you want to watch something would be a big drawback in its usability. 

Link to comment
Share on other sites

TheShanMan

Using passwords for access to the server from outside your local network seems to be generally wanted.

 

But for accounts on your own local LAN, you won't need passwords since local users already have physical access to the server, so anyone looking to gain access to the media will be able to anyway.

 

Having MB require a password to access your movies each time you want to watch something would be a big drawback in its usability.

Huh??? Of course users may want local passwords. I take other measures to prevent access via other methods to that which I want restricted.

 

No one said user accounts should be forced to have passwords. Local passwords have been supported all along. I am simply looking for a way to secure external access to my server, and this change, while welcome, doesn't go far enough to help me at all yet.

Edited by TheShanMan
Link to comment
Share on other sites

Yeah, passwords are important even locally for households with kids.  I'm sure this feature will expand in the future.  This is just a first step.

  • Like 1
Link to comment
Share on other sites

nydude25

Huh??? Of course users may want local passwords. I take other measures to prevent access via other methods to that which I want restricted.

 

No one said user accounts should be forced to have passwords. Local passwords have been supported all along. I am simply looking for a way to secure external access to my server, and this change, while welcome, doesn't go far enough to help me at all yet.

 

Maybe I misunderstood what you meant in the comment I had read earlier.

 

I see the latest release allows you to not require a password for local access. Is more functionality in this area coming? That simply isn't enough. I need 2 passwords - one simple one for local access and one complex one for internet access. I don't want to remove my local password because my account is restricted from the kids.

 

 

The way the local passwords currently are optional is what I was referring to. I simply meant that requiring a password for access each time a local account accesses MB would be a usability issue.

Link to comment
Share on other sites

TheShanMan

Yeah, passwords are important even locally for households with kids.  I'm sure this feature will expand in the future.  This is just a first step.

Awesome to hear. I'll continue to keep my eyes peeled! :)

Link to comment
Share on other sites

kingy444

Just posted on the recent announcement but figured it cant hurt here.

 

Im sure its here somewhere already but an allow/disallow for users to login remotely would be good. I only have a couple users who should be able to logon remotely but others shouldnt be able to

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...