[Feature Request] Enforce 2FA policy on joined users

Just as important as 2FA for my own account, is enforcing the 2FA policy on the users in my server.

Are there plans to implement the ability to enforce the 2FA policy so that any users on my server must have this enabled?

This would be an amazing feature. I came here to add it but was pleasantly surprised to see it already listed. Thank you @rmc008!

I would envision a notice specifically indicating that the server administrator has set this requirement (with the implication being that Plex did not set the requirement, or even stating that explicitly). This could limit complaints or support requests directed towards Plex, and direct those towards the server administrator.

I would imagine that many of us, who run servers, to be generally more technologically inclined than the most, and in a good position to encourage better security practices among the home users and friends who have access to our server.

This would be amazing!

I loathe 2FA. MFA is what we need. I do not need to keep getting a code for my own Plex installed in my own NAS. It is pure frustration to throw a 2FA in between someone looking to see their Plex library and letting them do that. Whoever is pushing this 2FA agenda needs to stop. It turns companies into honeypots and makes individuals victims while this theater makes them feel safe.

Another email came through to reset the password due to a security event. Not all users will immediately change the password or enable MFA, leaving shared libraries exposed!

Allow Plex server owners to require Multi-Factor Authentication (MFA) for users accessing their shared libraries.

Problem Statement

Currently, Plex server owners have no ability to enforce security requirements for users they invite to their libraries. While server owners can enable MFA on their own accounts, they cannot require invited users to do the same. This creates potential security vulnerabilities, especially for:

• Family sharing arrangements with sensitive content

• Users sharing expensive media collections

• Business or educational environments using Plex

• Security-conscious users who want to ensure all library access is properly secured

Proposed Solution

Core Feature

Add a server-level setting that allows library owners to require MFA for all shared users accessing their content.

Implementation Details

Server Settings Panel:

• New toggle: “Require MFA for shared library access”

• Option to set grace period (e.g., 7, 14, or 30 days) for existing users to enable MFA

• Granular controls to apply MFA requirements to specific libraries or user groups

User Experience:

• When MFA requirement is enabled, users without MFA would see a prominent notification upon login

• Clear instructions and direct links to MFA setup process

• Temporary access period before enforcement begins (configurable by server owner)

• Once grace period expires, non-MFA users would be unable to access shared content until MFA is enabled

Admin Controls:

• Dashboard showing MFA status of all shared users

• Option to send reminder notifications to users who haven’t enabled MFA

• Ability to exempt specific trusted users (e.g., elderly family members who might struggle with MFA)

• Logging of MFA-related access attempts and enforcements

Hello,

it would be great, if I could force mfa for plex accounts, which I‘m sharing my library with.

Best regards

Ben

You do realize these are effectively the same right…? 2FA is a subset of MFA.

I also enjoy the peace of mind in knowing that even if someone does manage to guess my passphrase, they will likely not be able to gain access to my 2FA method - meaning my account is safe and secure.

Please do explain?

@rmc008 P.S. You should also include a mandatory PIN for Plex Home accounts please?