Jump to content

Reset forgotten password

goldsworthy1

By goldsworthy1
in General/Windows

 Share

Recommended Posts

goldsworthy1

goldsworthy1 5

Posted
Posted

How do you reset a forgotten password? I'm logged in as my administrator account, but you can't change the password without knowing the current password!? 

darkassassin07

darkassassin07 652

Posted
Posted (edited)

First remove the password, then set a fresh one. 

 

 

It's rather dumb that an admin needs the current password to directly set a new one, but that's the way it is. 🤷 Perhaps that'll get looked at with the comming security overhaul.

Edited by darkassassin07
Carlo

Carlo 4561

Posted
Posted

You won't see a remove password on your own admin account.

Create a new user with a password, then enable "Allow this user to manage the server".

Log out as the admin and back in with the new admin account.
Use this to remove/reset your primary admin account password.

Log out and then log back in with your original account.
You can now remove the new admin account.

There is always this way as well:
https://emby.media/support/articles/Admin-Password-Reset.html

Carlo

rbjtech

rbjtech 5284

Posted
Posted (edited)
2 hours ago, Carlo said:

You won't see a remove password on your own admin account.

Create a new user with a password, then enable "Allow this user to manage the server".

Log out as the admin and back in with the new admin account.
Use this to remove/reset your primary admin account password.

Log out and then log back in with your original account.
You can now remove the new admin account.

There is always this way as well:
https://emby.media/support/articles/Admin-Password-Reset.html

Carlo

I raised this the other week - even if you do know the Admin password and just want to change it (this was after the security incident) you get a message that it is the incorrect password when it clearly isn't as I could login fine with it - I just couldn't change it.  I did the above and all was well, but many are going to be stumped by the incorrect/misleading message.

I don't have any issue with not being able to 'easily' change the Admin password when logged in as the Admin - but a proper message or description of how you need to go about it should be presented - and the attempt should be fully logged as well.   

5 hours ago, darkassassin07 said:

Perhaps that'll get looked at with the comming security overhaul.

 Agreed - pretty standard practice stuff.

I do believe @Lukementioned that they are working on the password complexity/entropy and lockout features - so hope the Admin password reset improvements will be included in that.

Edited by rbjtech
darkassassin07

darkassassin07 652

Posted
Posted

To reset/remove an admins password, you have to first remove their admin privileges. When a user has admin, the remove password button doesn't exist for their account at all.

rbjtech

rbjtech 5284

Posted
Posted (edited)
23 minutes ago, darkassassin07 said:

To reset/remove an admins password, you have to first remove their admin privileges. When a user has admin, the remove password button doesn't exist for their account at all.

As discussed above, you need to use an alternative Admin account - you can then reset the password on the required Admin account - leaving it as Admin - that is not an issue.  Then test the reset account.  Then delete the Temp Admin account (unless you want a backdoor/breakglass account), as you cannot disabled an Admin account.  

Edited by rbjtech
darkassassin07

darkassassin07 652

Posted
Posted (edited)

I've already tested this. here's a screenshot of the password page of a separate admin account from the one im logged in as:

Screenshot_20230609_080006_Emby.thumb.jpg.a6bf9322109386347e9d757c1c5d6d38.jpg

You cannot remove the password of an admn user. You must either know their password, or remove their admin privileges first.

Edited by darkassassin07
rbjtech

rbjtech 5284

Posted
Posted

Maybe on Android - on a web browser, logged in as Admin -  you get this -

image.png.f805237e39e7f750bc630f62fdc11e5a.png

ie - i can reset the other Admin account password without knowing it.

darkassassin07

darkassassin07 652

Posted
Posted

Odd. Same page via chrome (desktop and mobile are the same):

Screenshot_20230609_092737_Chrome.thumb.jpg.1e45497748d8a06c6feb257c2461196d.jpg

What server version you running? (I'm on 4.7.13.0)

rbjtech

rbjtech 5284

Posted
Posted
3 minutes ago, darkassassin07 said:

What server version you running? (I'm on 4.7.13.0)

Ah - I'm on the latest Beta (4.8.0.39) - maybe that's the reason why.

@Luke- Could you kindly confirm ?

Luke Emby Team

Luke 42080

Posted
Posted

Hi, yes there are changes to this screen in the beta server.

  • Thanks 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...