Hi, Team!
I’m having a bit of an issue. With family members I’ve given access to my hosted Plex Server. Only to find that when they log into my account with the email and password. (sometimes) They don’t get prompted for the user and pin but instead get DIRECT access to the administrator account?
I’ve been able to replicate this problem by using incognito mode on a browser and logging in. Most of the time, it signs into my Plex without asking for a user and pin. I was unable to find something that would be causing it.
I have verified the following settings are disabled.
- Automatically Sign In
- List of IP addresses and networks that are allowed without auth. (No IP’s are entered)
I’m accessing the web interface remotely, not within the LAN.
—removed IP----
This is as expected. You should not be giving out your user name and password for these people to log in. If you are not setting up the device initially for them, you should be using a full Plex.tv user and not a managed user. Managed users are for users where you “manage” their experience and have control of their device (i.e. kids, spouse).
The full account can be added to your Plex Home and have the same perks, but you don’t have to hand your password over to someone else (which is a bad idea on the face of it).
Automatically Sign in is always disabled by default and won’t change the initial log in. The ips without auth also does not come into play here, as I said this is expected since only you should have the password for your Admin user and it thinks you are logging in to setup the device (check proper libraries showing, make settings changes) for the user.
Understood, however if it’s by design. Why does it work sometimes and others it doesn’t?
I’ve been testing this and notice when I log in the first few times the Admin account is open wide. Shortly after though it will begin asking for the PIN. Then return back to give Admin access. I find this not so much as a feature to administer but a problem.
Does every account in your Plex Home have a PIN number assigned to their account, including the Admin account?
And is automatically sign in disabled on every Plex Client?
Hthighway,
Correct, I thought of this as well. Each managed user had a pin assigned as well as the admin account.
I’m looking through the smartphone clients and see no option for automatic sign-in. Am I missing it?
Automatically sign in is disabled on the Plex Media Server though. Maybe that’s what you mean?
For the Android App, it’s under Settings -> Account then at the bottom of that page there should be Sign in Automatically
@VazquezFamily said:
Automatically sign in is disabled on the Plex Media Server though. Maybe that’s what you mean?
That is not for the whole server, that is for Plex/Web. This is a setting on individual clients so it would be se as stated by hthighway above. There isn’t a global setting.
I see, all the devices are iPhones/iPads… so I’m having issues here. I have to manually disable this setting for automatic login so they don’t sign into my PIN protected Admin account?
Why would the Admin PIN be disregarded?
Thanks!
The Admin PIN would only be bypassed if, when logged in as the Admin, you enabled the auto sign-in feature in the app. Enabling that will all the app to open to the last logged in user.
Okay, I believe I know how to bypass this without compromising my admin account. Thanks for your input I believe I understand.
I’ll buy another plex pass and setup an alternate email + password. I’ll add this to my Plex Media Server as a user account (non-admin). This way I can give out the user account to my family/friends forcing them to use their assigned PIN and thus not bypassing the Admin PIN.
Should work in theory right?
I guess that would work, but why?
- Have them create a Plex.tv account
- Invite that account to be part of your Plex Home
- They can log into their device with their own user/password and have the same Plex Pass benefits that the Managed User would have.
It seems silly to go through all that, when you could save the money you would spend on the extra Plex Pass and just have them create an account if it’s not a device directly in your control.
Adamskoog,
Good point, I’ve considered the the Plex Home invite however considering some of my family members won’t go through the hurdle (not really a hurdle) of creating their own accounts. I can make it easier for them by simply having an account ready for them to login. Then simply have their own assigned User Account + PIN that is unique enough for each to not log into each others.
I’ll try both methods and see how this works out before giving them access again. Thank you guys for taking the time to work with me on a solution.
I found the cause of this problem. When an external user logs into your Plex Media Server via your public IP address. They auto login as administrator REGARDLESS of settings. Thus, never share your external IP address + port.
Instead direct users to the online Plex application! It will immediately prompt them to enter a PIN as it should!
https://app.plex.tv/web/
Now I can share my credentials to my close family members without having them go through the trouble of creating their own accounts. They can simply login as me, then use their own unique PIN to access content.
@EngineerOnline said:
Now I can share my credentials to my close family members without having them go through the trouble of creating their own accounts. They can simply login as me, then use their own unique PIN to access content.
Hmm. I wouldn’t. Take a look at this before you venture into that realm of possibilities.
https://forums.plex.tv/discussion/272591/allow-media-deletion
