yocker 1362 Posted March 7 Posted March 7 Disable admin account from outside and use VPN when needing to use the admin account should make files secure. Keep an eye on where users connect from once in a while, there are plugins for that. Blacklist countries you have no users in. Make sure users don't set 1234 as password.. Emby needs a feature for minimum lenght and special character passwords Correctly set up proxy instead of direct Emby access. Tailscale funnel also works very nicely and doesn't require "outsiders" to have tailscale. Not saying 2fa isn't needed, just that there are other ways to secure the server. 1 1
muzicman0 85 Posted March 7 Posted March 7 I honestly don't understand the 2fa on just admin accounts. I don't want ANYONE logging into my server that I don't know, admin or not. 1
ugenest 1 Posted March 8 Posted March 8 On 3/4/2026 at 12:44 PM, ugenest said: +1 for 2FA for the admin account for any account would be better (that would be perfect), but than nothing, it should be at least for the admin account
yocker 1362 Posted March 8 Posted March 8 3 hours ago, ugenest said: for any account would be better (that would be perfect), but than nothing, it should be at least for the admin account If only the admin account then a VPN would be easier and better. 1
bandit8623 225 Posted March 10 Posted March 10 On 3/8/2026 at 11:42 AM, yocker said: If only the admin account then a VPN would be easier and better. using 2 factor auth vpn i disagree. extra work compared
yocker 1362 Posted March 10 Posted March 10 39 minutes ago, bandit8623 said: using 2 factor auth vpn i disagree. extra work compared VPN is typically easy to set up and a click of a button to connect once set up. IMO the most amount of work is opening the port for it if not using tailscale.
bandit8623 225 Posted March 10 Posted March 10 (edited) 9 minutes ago, yocker said: VPN is typically easy to set up and a click of a button to connect once set up. IMO the most amount of work is opening the port for it if not using tailscale. thats if you use tailscale i guess. i use openvpn with 2fa. nothing touches my internal network. all done on opnsense Edited March 10 by bandit8623
yocker 1362 Posted March 10 Posted March 10 6 minutes ago, bandit8623 said: thats if you use tailscale i guess. i use openvpn with 2fa. nothing touches my internal network. all done on opnsense I use selfhosted Wireguard my self. No need for 2fa for me when only i have the keys. Other users that use my VPN have their own network and shares so can't harm anything. Different needs for different uses ofc. 1
bandit8623 225 Posted 1 hour ago Posted 1 hour ago (edited) Saw this and thought Emby could do something along this line https://blog.noip.com/what-is-no-ip-public-tunnels-a-modern-approach-to-remote-access?utm_source=email&utm_source=email&utm_medium=promo&utm_campaign=2026-march-promo-paid Edited 1 hour ago by bandit8623
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now