ZL154

ZL154 / JellyfinSecurity

Public

A Jellyfin plugin that adds native two-factor authentication (TOTP, email OTP) with trusted device tokens, TV device pairing, LAN bypass, and API key bypass. Server-side enforcement — works with all clients including web, mobile, TV, and service integrations like Sonarr/Radarr.

13
0
100% credibility
Found Apr 19, 2026 at 13 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
C#
AI Summary

A Jellyfin plugin providing server-side two-factor authentication with TOTP, email OTP, passkeys, recovery codes, and device pairing for native clients.

How It Works

1
🔍 Discover security boost

While managing your home media server, you find this add-on in the plugin catalog to add extra login protection.

2
⚙️ Turn it on easily

In your dashboard, add the simple link, install with one click, restart, and flip the switch to enable secure logins.

3
📱 Set up your phone app

Open your profile, scan a QR code with your authenticator app like Google Authenticator, and confirm with a code.

4
💾 Save backup codes

Print or save the 10 one-time codes securely—they're your safety net if you lose your phone.

5
🔐 Login feels safe

Next time you sign in from a new browser, enter your usual password then a quick code from your phone—now it's trusted for a month.

6
Apps and TVs connect smoothly
Pair it

Try logging in once (it fails safely), approve from your computer, and it's trusted forever.

🔑
Special password

Make a unique code for the app, enter it instead of your regular one, and skip codes every time.

🛡️ Everything protected

Now your media server asks for that extra proof on new devices, keeping intruders out while your favorites play smoothly.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 13 to 13 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is JellyfinSecurity?

JellyfinSecurity is a C# plugin that adds native server-side two-factor authentication to Jellyfin media servers, enforcing TOTP, email OTP, or recovery codes on every login while supporting all clients like web, Android, Android TV, Tizen, and Docker setups. It solves the problem of reverse-proxy 2FA (like Authelia) breaking native jellyfin github android clients and jellyfin github tizen apps by handling verification inside Jellyfin. Users get trusted device cookies for 30 days, TV device pairing, app passwords for Sonarr/Radarr, and LAN/API key bypasses.

Why is it gaining traction?

Unlike proxy-based solutions, it works seamlessly with jellyfin github client apps and jellyfin plugins without custom hacks, including quick device pairing for TVs and passkeys for biometrics. Features like audit logs, rate limiting, and admin dashboards make it production-ready for jellyfin github docker deploys, while easy install via jellyfin plugin repositories keeps it accessible amid jellyfin github releases and jellyfin github issues discussions.

Who should use this?

Jellyfin self-hosters securing family servers with mixed clients—Android TV boxes, Tizen smart TVs, mobile apps—while integrating jellyfin plugins like intro skipper or skin manager. Ideal for Docker users handling jellyfin plugins installieren in German setups or planning jellyfin plugins 2025/2026 upgrades, especially if you need jellyfin plugin pfad management without client breakage.

Verdict

Solid for Jellyfin 10.11+ despite 11 stars and 1.0% credibility score—detailed docs and recent fixes (v1.4.2) show active maintenance, but low adoption means watch jellyfin github plugins issues closely. Try it if you need native 2FA; skip for battle-tested alternatives until stars climb.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.