I know this topic seems to come up a couple of times a year, and I myself have now experienced this. Tautulli picked up an unknown user streaming my Plex content who I did not explicitly give access. I checked my Plex server user settings and that user is indeed now listed. I removed the user, changed my password, enabled two-factor, and logged out of all of my devices and considered the issue resolved. About two weeks later that same user returned. He selected a user name so that he would be on the bottom of my list. So I removed him again and disabled sharing completely.
I am running Plex Server on Windows, so I do not have any of the container concerns expressed in earlier threads. I am also not doing anything fancy with allowing IP addresses to access without auth (that setting is blank). I am using a complex/unique password.
The only thing I can think of is that my user token is leaking either from an instance of Sonarr or Tautulli (which does run from a docker - but is the official version) - neither of which are exposed to the outside. Other than that, I am at a complete loss.
Server Version#: 1.21.2.3918