Thank you
Friend, without a doubt.
That way they get their own password.
A managed user is inappropriate for a remote friend because they would require your credentials to log on. Never share your passwords.
1 Like
If you want to share just your librarys then Friend. If you want to share Live TV & DVR then managed user. Not all clients require your password to sign in, most are 4 digit code to activate.
Recorded content can be shared with friends.
I would suggest not offering Live TV access to remote users. If Live TV is really required, then they should still be created as a regular user with their own credentials. That friend can be added as a Home User and thus granted Live TV access. I wouldn’t encourage this.
Remote friends and competent adults shouldn’t be Managed Users.
Don’t use device “Link” codes to grant remote devices access to your account.
It doesn’t matter as most clients don’t require sharing the username/password of the admin account. The only reason for them to have their own credentials is if they wanted to run their own plex server at the same time. Otherwise it’s the same.
That isn’t great advice. There’s nothing to be gained by doing it insecurely, and quite a bit to lose.
User PIN codes are not protected in the same way as passwords, and PIN codes for access are only optionally enforced by client applications.
Don’t sign other people in on your account, on any devices, unless you would be comfortable giving them your password.
(And don’t give out your password.)
Signing in a device with the 4 digit activation code does not give them access to your Plex account in the way that would be required to actually change anything on the account. It makes them a Home user. Same thing with inviting a user by e-mail to join your Plex home except in that case they can activate their own devices. That is literally it. Either you activate the devices or they do.
Now if you don’t want them to be in your Plex home then just invite them as a friend but you won’t be able to share Live TV & DVR with them.
Show me the proof that pin codes are only optionally enforced by clients.
This code is something different than the PIN you can attach to your account, to prevent other home users from switching.
Exactly.
Plex is pretty clear about the security implications of Plex Home.
Account PINs are the equivalent of child locks, not account protection.
Many clients have the option to Automatically sign in, which is a client-side setting. In the past, some client apps have not restricted that setting to admin users, allowing other users to enable it and bypass the account PIN on launch.
In the past, several apps have opened immediately after entering the password or Link code, without requiring the account PIN. This was changed by app updates.
Account PIN changes don’t take effect immediately. This also demonstrates that they are enforced client-side and aren’t a significant level of security.
If you’re comfortable sharing your account with somebody, and it’s on a TV in their house, you can judge the risk.
But what’s the benefit? I don’t understand the resistance.
1 Like
Dude if you invite someone to your Plex home via e-mail they still can get into the admin account or any other account via pin. If you want to give the user access to Live TV & DVR then that’s what you have to do… WHICH is what I said. Go back and read what I said.
If you want to share just your librarys then Friend. If you want to share Live TV & DVR then managed user. Not all clients require your password to sign in, most are 4 digit code to activate.
I agree that watching Live TV requires the user to be in the Home; I think I said so already. Watching recorded DVR content doesn’t require Home.
I’m strongly encouraging people not to activate Link codes for other people on their own accounts, and not to invite people to their Home, without understanding the implications.
No, you said “because they would require your credentials to log on” which depending on the client they are using is false. I then stated the simple fact right below you. Just because your personal preference is to not share Live TV & DVR doesn’t mean the OP doesn’t want to. He asked what he needs to do. I gave him the answer depending on what you’re trying to share. You’re stating a personal opinion. I am stating facts.
Also, account PIN changes do take effect immediately.
And to think authentication is performed client side shows me you have absolutely no idea what’s going on.
I’m out. ./goodnight
Credentials are required for device setup. Either entered directly in some apps, or by authenticating when visiting https://plex.tv/link.
After the credentials are received, the app gets a token for future use. That token is effectively capable of doing anything as the authenticated user. (It’s possible to extract these tokens from some apps.)
If friends have their own accounts, your credentials don’t need to be involved. The friends can set themselves up on any type of device without your involvement.
Account PIN creation (or change) doesn’t take effect immediately, and account PINs aren’t a mandatory part of the Plex authentication process. They’re an app convenience feature.
I’m not arguing about Live TV at all. That’s a very good point. If you want to share Live TV, it’s a requirement that they be a member of your Home. Be sure you trust people you invite to your Home.
https://support.plex.tv/articles/204234323-creating-a-plex-home/
1 Like
I simply said if they want to share Live TV & DVR then this is what you would have to do OTHERWISE add as Friend. Very simple logic to understand.
They can still log into the admin account being part of the Plex Home even if they are using their own creds. So all the this and that talk is irrelevant. That is the point of Plex Home and absolutely if you want to give them access to Live TV & DVR.
LOL
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
