Plex

2973 readers

1 users here now

Welcome to Plex, a community dedicated to Plex, the media server/client solution for enjoying your media!

founded 2 years ago

MODERATORS

sup@lemmy.ca

JCSpark@lemmy.ca

Zoidsberg@lemmy.ca

MentallyExhausted@reddthat.com

Yoruio@lemmy.ca

Vic_Waddlesworth@lemmy.world

Plex Announcement: Important Notice of Security Incident (forums.plex.tv)

submitted 6 days ago by cm0002@piefed.world to c/plex@lemmy.ca

13 comments fedilink hide all child comments

We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure.

you are viewing a single comment's thread
view the rest of the comments

[–] papertowels@mander.xyz 8 points 6 days ago* (last edited 6 days ago) (2 children)

No security guy, but if the passwords were just hashed and not salted it's not ideal. Better than plaintext for sure though.

EDIT: Plex employee confirmed they do salt (and pepper, which I'm less familiar with), the last time they were hacked and had passwords exposed, fwiw.

[–] Die4Ever@retrolemmy.com 7 points 6 days ago* (last edited 6 days ago) (1 children)

If they were hashed then they were likely salted too, not much reason to not do both. Especially since they said "in accordance with best practices", otherwise they're just lying lol. They probably just didn't want to make the announcement too technical.

[–] papertowels@mander.xyz 0 points 6 days ago

I choose to believe this lol

[–] FreedomAdvocate 6 points 6 days ago

in accordance with best practices

They absolutely would have been salted, as that is best practice. Just not something the average Plex user understands most likely.