information is power unfortunately, and even something as simple as a login on a platform can lead buyers of said data to profit (credit card information, other logins, identity theft etc.) in some cases.
I mean, Plex is a data-collecting beast on its own, selling your data to other streaming platforms, hence the no ‘offline’ option.
HOW did that happen! Apologies - link corrected
I have not changed my password and right now I do not see any issues. PMS is running fine and so is Plex on my TV and through a web browser. Seeing all the problems I’m hesitant to attempt to change my password until the rush of password changes settles down.
How many people are resetting their passwords with no issues?
I don’t recall ever “claiming” my server. I just installed PMS and it just worked. However, it was a while ago so maybe I claimed it back then. I’m on a Synology DSM 7.0 and run PMS in a Docker container. What if Your Plex Account Requires a Password Reset? | Plex Support says that for Docker contains you need to “generate a claim token (via Claim | Plex) for your Plex account and then set that as the value of the PLEX_CLAIM parameter of the Docker configuration”. But when I look at my current Docker container configuration I don’t have PLEX_CLAIM set at all! How is that working?
Plex systems, especially e-mail, are overloaded right now.
Once the number password reset requests ebbs, the time to receive an e-mail will return to normal.
Same issue - can’t get to any place where I can claim the server.
Just changed my password with no issues or lag.
No.
Logins via Google/Apple/Facebook are not affected.
If you have a separate plex account password at plex.tv, then you need to change that password.
And @mm98 … If it’s that important… where are the Plex employees in the thread??
They are working and not causing an argument for arguments sake on the internet
For those of us running Plex on a NAS there seems to be missing steps to reset the password correctly. I was able to follow the instructions they gave. I can access my media when I log in useing the local IP for plex. But when I try to access elsewhere in the same house from devices that use the plex.tv url they cant find my media. So its a mess now.
This is why I really dislike that there is no means of reaching Plex support for paying customers…
Yes, it would have been beneficial for Plex to post the password breach as a notice so everyone would know it is a legitimate email. I noticed that the password instructions are incorrect. The instructions are limited to accounts using a Plex email and password. However, Plex has a screen to select existing accounts like Google and Facebook to log in. More information is needed from Plex to understand what to do with their data breach.
To be honest if I get a reset password notice due to a breach for any service I have signed up for with that same account (in this case email address) is a instant password reset for me. I don’t click the link in the email, I do it via the homepage of the service. Genuine email alert or not.
Yep there’s a missing step, but it’s easy to fix. You need to sign into the plex web app at https://plex.tv/web . You should see your libraries marked with warning icons, and in settings it should say your server is “unavailable” or “unable to connect”. Right under there is a “Remove Server” link. Click that and accept the warning. This will not sign your server out or un-claim it.
Now restart your server. It should reassociate with your plex web account and all your libraries should be accessible again.
How about hopping into the thread and giving a reassuring comment to waylay frustrations of the people stating… I got one too and I can’t change my PW?
Stop signing out all devices on password change. THIS IS NOT NEEDED. Even if you see someone streaming from your account you can log out their device specifically instead of NUKING YOUR WHOLE SETUP.
Thanks FordGuy. Glad I still knew my password and was able to leverage the ‘change password’ workaround I noted in my prior post.
To sign in again on all my devices, after resetting the password, the following is happening:
I assume the following may also be related to Plex being overloaded at this time, since I have never observed this prevously:
On most of my devices, when I used plex.tv/link to re-link the device to my account after changing the pasword, the code expires within a second!
And even on attempts when I entered the code and got a confirmation saying ‘Account linked’ on the plex.tv/link web page, the device (e.g. TV) sits there
and eventually says code expired (or some other error).
Never had this all these years, so may be related to the Plex server / site issues today.
I said something similar in another thread, but I wanted to respond here too.
If server or account-level tokens were involved, that could have significant impact.
I don’t know if that’s likely to have happened. I believe that if Plex knew it did happen, Plex themselves would probably have invalidated all tokens. But I don’t have any way to know.
You’re probably right … I just don’t think there’s any way to prove it.
I’ve had a similar problem connecting/linking Plex on WebOS (LG) with my updated account. However, 10 minutes ago I got it working (the code didn’t expire after 2 seconds as previously). Maybe you could try again 
Having the same issue with TV app codes expiring within seconds of trying to link my account. I imagine that it is all related to the extremely high level of traffic Plex must be enduring at this time. I also think that it would be a wise idea for Plex admins to send out an emergency “Plexcerpts” bulletin outlining what happened and what is still going on. Or have a pinned thread at the top of the General Discussion area outlining what is going on. Give us a real time play by play.
With “information is power” in mind, I would like to be informed as to who exactly breached the system and might have my data! Assuming this is something they possess…and I have to imagine that there are indicators.
And don’t remind me…ugh. If Plex wasn’t forced to go through central servers to login, this wouldn’t even be an issue. Attackers would have to breach individual servers, and they would only get that servers credentials instead many credentials for many servers at once.
I think that is a good guess, given what is happening today.
I have not tried re-linking all my devices yet. Just haven’t needed to do so.
Thanks. I forgot to add that it did work on all TVs after multiple attempts. Some TVs / devices worked on first try, some required numerous attempts.
Also on one TV - a Google TV (not the older Android TV) when I re-linked Plex app to my account, I actually got a message to ‘claim server’… (saw some people posted about that).
