This question has undoubtedly been put here before but I have not been able to find the answer. So here it is:
I have added a new user no password and configured him for remote access through WDMyCloud.com.
When he got the mail he has made his account and got access flawlessly. After the first access he can access again by just clicking, no password asked. So anyone who gets hold of his computer can do the same.
This got me to worry, so I decided to add a password for this user. But this did not make any difference whatsoever.
Perhaps because he already could access without a password. So maybe his WDMyCloud.com account has to be deleted and configured again. Am I right or have I done something wrong?
Thanks in advance for anyone who bothers to think along!
Hans
No, he just needs to delete the device from his app and then re-add it.
The app doesn’t store User ID and Password. The User ID and Password (or no password) are used only during the pairing process. Once paired, the app uses its own authentication keys to log in.
Thank you so much. Topic can be closed as solved.
So sorry, I overlooked the possibilty to mark the topic as solved myself. Now I have done so.
Oops! My remote partner states that he removed the device, added it again and still there was no password challenge.
So if this is indeed the case then my question is not answered so far.
How did he add it again if he was remote and what is he using to access it?
If he’s using the WD My Cloud app and using either the “WDMyCloud.com” login or using a Media Access Key (that he would not have been able to generate remotely), then the behavior is as expected.
Once paired, there is not supposed to be ANOTHER password challenge.
And no, just because someone gets hold of his computer doesn’t mean the thief can access his files – he’d have to hack the owner’s PC BIOS password, Windows password, drive encryption password, etc.
Well, so it seems that once a device is “paired” with the WDMyCloud a user password has become useless. Changing it does not make any difference at all so my remote partner and TonyPh12345 are telling me. (BTW my remote partner is using the desktop app)
This made me wondering about the usefullness of a user password with respect to remote access at all. In my opinion it is not there.
The only thing one can do is to protect the app with a password.
I did notice however the usefullness of a user password when one uses the WDMyCloud from within the home network.
So let us leave it at this. I will mark the answer from TonyPh12345 as the solution in a few days. First I would like to wait to see if someone else comes up with an answer.
