yocker 1323 Posted Saturday at 09:10 PM Posted Saturday at 09:10 PM Disable admin account from outside and use VPN when needing to use the admin account should make files secure. Keep an eye on where users connect from once in a while, there are plugins for that. Blacklist countries you have no users in. Make sure users don't set 1234 as password.. Emby needs a feature for minimum lenght and special character passwords Correctly set up proxy instead of direct Emby access. Tailscale funnel also works very nicely and doesn't require "outsiders" to have tailscale. Not saying 2fa isn't needed, just that there are other ways to secure the server. 1
muzicman0 85 Posted Saturday at 09:19 PM Posted Saturday at 09:19 PM I honestly don't understand the 2fa on just admin accounts. I don't want ANYONE logging into my server that I don't know, admin or not. 1
ugenest 1 Posted Sunday at 01:00 PM Posted Sunday at 01:00 PM On 3/4/2026 at 12:44 PM, ugenest said: +1 for 2FA for the admin account for any account would be better (that would be perfect), but than nothing, it should be at least for the admin account
yocker 1323 Posted Sunday at 04:42 PM Posted Sunday at 04:42 PM 3 hours ago, ugenest said: for any account would be better (that would be perfect), but than nothing, it should be at least for the admin account If only the admin account then a VPN would be easier and better. 1
bandit8623 223 Posted 2 hours ago Posted 2 hours ago On 3/8/2026 at 11:42 AM, yocker said: If only the admin account then a VPN would be easier and better. using 2 factor auth vpn i disagree. extra work compared
yocker 1323 Posted 1 hour ago Posted 1 hour ago 39 minutes ago, bandit8623 said: using 2 factor auth vpn i disagree. extra work compared VPN is typically easy to set up and a click of a button to connect once set up. IMO the most amount of work is opening the port for it if not using tailscale.
bandit8623 223 Posted 1 hour ago Posted 1 hour ago (edited) 9 minutes ago, yocker said: VPN is typically easy to set up and a click of a button to connect once set up. IMO the most amount of work is opening the port for it if not using tailscale. thats if you use tailscale i guess. i use openvpn with 2fa. nothing touches my internal network. all done on opnsense Edited 1 hour ago by bandit8623
yocker 1323 Posted 59 minutes ago Posted 59 minutes ago 6 minutes ago, bandit8623 said: thats if you use tailscale i guess. i use openvpn with 2fa. nothing touches my internal network. all done on opnsense I use selfhosted Wireguard my self. No need for 2fa for me when only i have the keys. Other users that use my VPN have their own network and shares so can't harm anything. Different needs for different uses ofc. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now