HawkXP71 112 Posted December 27, 2022 Posted December 27, 2022 One thing that would be great, if there was a setting that for login only allowed users to log into a server, if they come in via emby connect. So password protection was done via emby.media rather than on the local server. THen to add a new user, you simply add their emby.connect email address, what libraries and features etc.. but not credentials as such on the local server
seanbuff 1358 Posted December 27, 2022 Posted December 27, 2022 2 minutes ago, HawkXP71 said: So password protection was done via emby.media rather than on the local server. THen to add a new user, you simply add their emby.connect email address, what libraries and features etc.. but not credentials as such on the local server Isn't that how it already works today? My users create their own passwords via a new community account (Emby Connect) and I simply create a new local user, link their (Connect) email address and assign library access. I do not apply passwords locally on the server. Only users know their own passwords, and are managed by emby.media as you said.
HawkXP71 112 Posted December 27, 2022 Author Posted December 27, 2022 Just now, seanbuff said: Isn't that how it already works today? My users create their own passwords via a new community account (Emby Connect) and I simply create a new local user, link their (Connect) email address and assign library access. I do not apply passwords locally on the server. Only users know their own passwords, and are managed by emby.media as you said. but, if someone "guessed" their username, they could log in without a password to your server.
HawkXP71 112 Posted December 27, 2022 Author Posted December 27, 2022 Or more importantly, if you forgot to turn on "hide this user" from the various conditions, someone who found your site, could just log in
ebr 16346 Posted December 27, 2022 Posted December 27, 2022 12 hours ago, seanbuff said: I do not apply passwords locally on the server If you are allowing remote access, you definitely want to put strong passwords on those user accounts. 2
ebr 16346 Posted December 27, 2022 Posted December 27, 2022 @HawkXP71 Couldn't you accomplish this now by simply providing a strong password that no one knows for the local user?
crusher11 1151 Posted December 27, 2022 Posted December 27, 2022 14 hours ago, HawkXP71 said: but, if someone "guessed" their username, they could log in without a password to your server. ...no?
HawkXP71 112 Posted December 27, 2022 Author Posted December 27, 2022 2 hours ago, ebr said: @HawkXP71 Couldn't you accomplish this now by simply providing a strong password that no one knows for the local user? That could definately work for my pure remote users. Thanks.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now