removing post due to the toxic replies being received.
You joined 19 minutes ago and your first post is about you getting hacked when you failed to take the precautions you were warned about months ago.
On top of that, you run Plex down when honestly it is incredibly unlikely the “hackers” could have cracked the information given it was both salted and peppered. But I guess it is possible.
Not being snarky at all, just pointing out that security starts with you, all this could have been avoided by you taking security seriously. Running a server facing the internet requires at least some sense of the risks involved and precautions needed to protect that server. It really is no different than leaving the doors to your house unlocked in a bad neighborhood.
WRONG. this was a YOU problem.
2FA was introduced in 2020 and there’s a whole entire Plex Support page dedicated in showing how to activate it to protect your self and your account from further danger.
https://support.plex.tv/articles/two-factor-authentication/
You can ALSO have Plex account access tied to your Google and Apple accounts, and have no relationship to the Plex password.
https://support.plex.tv/articles/use-federated-authentication-to-sign-in/
Additionally you could use any online password generator to come up with a much better password than the one you have now.
Last but not least, it’s up to you to also do your own security maintenance/audit under the Authorized Devices tab. Check for ANY device that seems suspicious to you that may not be worthy of having access. If it’s a device that a family member or friend might have that you weren’t aware of, no need to be alarmed. It’s better they have to sign back in with their credentials again than have someone run amok with account.
When you do change your password, it is highly encouraged that you follow this step:
Tip!: If you do choose to “Sign out connected devices after password change” as part of your password reset, then you’ll need to sign in again to any player/client apps you use as well as any Plex Media Server you own. You’ll find information below on how to do so.
One more thing you can also do is assign yourself a PIN code to your account to add as a buffer and it doesn’t matter if you have managed users or not, assigning a Pin to your admin account has it’s advantages of further temporary blocking unauthorized access, especially from your server settings.
https://support.plex.tv/articles/204232453-fast-user-switching/
Members of a Plex Home can have a PIN code set on their account. When set, it means that the code must be entered when switching to that account in a supported Plex App. For instance, parents may wish to put a PIN on their account so that their children can’t switch to the parent account.
It is always recommended that if you are the a server admin in a Plex Home that you set a PIN, else a user could switch to you and edit server settings.
I wasn’t serving kindness. The purpose of my reply was to serve up facts and to disprove that your dramatic statement about how Plex let’s hackers run amok with peoples accounts is false.
Rating you zero stars for being a non-compliant Plex user.
Because VPN’s exist and some Plex server admins want to have their systems setup on VPN’s. Some admins have successfully done so, some have not.
If Plex were to allow the Plex servers to actually run fully along side VPN’s, who knows how many of those emails you say you want activated to be sent out may be an actual threat.
AS IT IS, they ALREADY do send out trigged emails that alert you of logged activity. Which prompts you to change your password IMMEDIATELY if you should notice if the country origin, city and IP is not your very own.
You’re just a failure at using Plex properly.
Solution: Set the Plex emails as a filter, have them automatically tagged as important, urgent in whatever email app you use. Done.
Stop making excuses for yourself.
Well, you’re right, I can’t believe I come in here to waste my time on those individuals like yourself when I should just let you have to face the non-existence of Plex employees. Next time I know to not bother with you, thanks.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
