diaz1510 154 Posted June 8, 2023 Posted June 8, 2023 (edited) Just got done dealing with that virus issue and was helped out greatly by @softworkz on this issue. Got it cleaned up and handled, thanks!. Also updated to the latest Server 4.7.13. Part of the process was updating the passwords to each of my user accounts (I have 3, 1 for me, and 1 for each of my kids). One difference now is that when I select Change User (not signing out) to any other user, whether on Emby Theater or using the Browser, I am now always prompted to enter the password for any account I'm switching between each time (even though I have selected Remember Me). This wasn't the case before these issues and/or update. It's a bit annoying each time and it just added a whole layer of difficulty to my kids using Emby (they are very young). It doesn't help that there isn't an option to "Show" the password when typing it...that would help them make sure they are typing it properly. It will remember the LAST person signed in, however. So if I close out of Emby, it will open up the last logged in user's profile. The issue is just switching between them that has changed. Requiring a password on the local network was always selected, even before the server update. Is this just a new way of doing business or am I doing something wrong/discovered a bug? Thanks. Edited June 8, 2023 by diaz1510
pwhodges 2012 Posted June 8, 2023 Posted June 8, 2023 This is a result of the increased server security following the hacking attack. I believe there are plans to adapt the clients to make them able to remember multiple passwords without compromising the new security - but this requires some time and planning as the previous reliance on recognising local systems is being changed. Things should improve and become easier again after a while. Paul 1
rbjtech 5284 Posted June 8, 2023 Posted June 8, 2023 There is also the option to put back not requiring a password on the LAN. Depending on the client - there may also be an option to use a Pin or Navigation Combo instead. If the latest release has been installed, system fully checked as per the clean up instructions (if you were impacted obviously..) and only the non Admin accounts have this option set, then imo I don't believe there is much of a risk. We haven't been given any ETA for the client side password fix - and entering a password every time is simply not workable - and all that will happen is users will start setting very short/weak passwords - as there is nothing to stop them. If they have remote access on the same account, this will in turn weaken security, not increase it... Again, nothing to stop a brute force attempt at the moment. An ETA on the client side fix would be good - and then let the user make the judgement call. 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now