+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Development (https://forum.jellyfin.org/f-development)
+--- Forum: Feature Requests (https://forum.jellyfin.org/f-feature-requests)
+--- Thread: SMTP-Based Email Password Resets and Account Management Overhaul (/t-smtp-based-email-password-resets-and-account-management-overhaul)
SMTP-Based Email Password Resets and Account Management Overhaul - SmearyThower - 2025-11-03
Proposed Features:
1. Optional Password-on-First-Login Setup
- Allow server admins to create user accounts without passwords (Maybe through a check box in the account creation screen) so that upon first login, the user is prompted to set their own password before accessing the library.
- Server owners can add SMTP credentials to allow automated email verification, password resets, and two-factor authentication.
2. Email Collection and Verification
- During the first login, prompt users to enter their email address (optional or required based on admin settings).
- Jellyfin would send a verification code via SMTP to confirm the email’s validity.
- The verified email would be tied to the user account for recovery, notifications, or two-factor authentication.
3. SMTP-Based Password Reset System
- Introduce a “Forgot Password” option on the login screen.
- When a user requests a reset, Jellyfin sends a 6-digit confirmation code or link to the user’s verified email using SMTP.
- The user enters the code (or clicks the link) to securely set a new password.
- Server admins should be able to enable or disable this feature globally for privacy or security reasons.
4. Email Two-Factor Authentication (2FA)
- Add an option for users to enable email-based two-factor authentication.
- Upon login, a unique one-time code is sent via SMTP to the user’s verified email address.
- Users must enter this code to complete login.
- Server admins should be able to enforce 2FA for specific accounts or globally.
5. Multi-Profile Support per User
- Add an option for sub-profiles under a single user account (similar to Netflix).
- Admins can configure the maximum number of profiles (e.g., up to 5).
- Each profile could have (which can be set by the account owner):
Individual watch history
Personalized recommendations
Separate parental controls
Profile-specific settings such as themes or playback preferences
Shared account credentials
https://features.jellyfin.org/posts/3559/smtp-based-email-password-resets-and-account-management-overhaulmanagement more flexible and user-friendly.