How to reclaim your Plex server after the mandatory password reset following data breach

If you’re staring at an unclaimed Plex server right now, you’re not alone. The recent security breach that forced password resets across the platform has left countless users locked out of their own media libraries. While Plex’s official guidance covers the password reset process, it glosses over a critical issue: what happens when your server goes rogue and refuses to recognize you as its owner.

The good news is that frustrated users have been busy figuring out workarounds, and their solutions are surprisingly effective. These aren’t official fixes from Plex, but rather community-driven methods that I found helped others while digging through multiple threads.

For those running Plex on Synology NAS systems, Reddit user tasteslikefun shared a detailed manual reclaim process that’s been helping users get back online. The method involves stopping the Plex package, editing the Preferences.xml file to remove PlexOnline references, then using a fresh claim token from plex.tv/claim. The process requires some command-line work, but users report success even when getting “Unauthorized” responses during the claiming step. Here are the complete steps shared by tasteslikefun:

1 – Stop Package from package manager

2 – Edit Preferences.xml by SSH to your NAS (I use PuTTY)

This was stored in; /volume1/Plex/Library/Application Support/Plex Media Server

I originally used find . -name “Preferences.xml” to find it but you can use this list

nano Preferences.xml and remove all key value pair references to PlexOnline* as per instructions

3 – Start Package from package manager

4 – Get a new claim token from https://plex.tv/claim

From SSH post the token to the local server;

curl -X POST “http://127.0.0.1:32400/myplex/claim?token=YOUR_TOKEN”

I got an Unauthorized response, but checking the Preferences.xml with cat Preferences.xml showed the claim had been added.

5 – Restart Package from package manager

Access Plex again as normal.

A simpler approach comes from user OfficialDeathScythe, who discovered that changing your password through your local web client sidesteps the claiming issue entirely. Instead of going through plex.tv, you access your server directly at its local IP address and port (like 192.168.1.100:32400/web) and change the password from there. This method keeps your server claimed throughout the process.

Docker users aren’t left out either. User freedomorleo found success using a claiming script from GitHub that automates the token submission process. After getting a claim code and adding it to the Docker compose file, running the script from within the container’s bash environment often does the trick. Here are the steps they outlined:

1 – add this bash file in your plex’s config folder in docker (so you can easily access it inside of plex later): https://github.com/uglymagoo/plex-claim-server (I just copied the .sh contents and made a new claim.sh file and pasted it in)

2 – get a claim code at plex.tv/claim

3 – add the claim code to you docker compose file

4 – get into your docker’s bash for the plex container: docker exec -it plex /bin/bash

5 – run the claim.sh TOKEN from inside ther

6 – restart plex’s docker (compose down and up)

7 – open your local plex instance in a private window and log in

it’s working

Some Windows users got lucky with the simplest fix of all. User tveith reported that just closing and reopening the Plex server software, then logging in with the new credentials, automatically reclaimed everything. For others, right-clicking the Plex system tray icon and selecting “Open Plex” launched the browser interface and restored normal operation.

The frustrating part is how inconsistent these solutions can be. What works perfectly for one setup might fail completely for another, even with identical hardware. Some users found success after multiple attempts with the same method, while others had to try several different approaches before something clicked.

What’s clear from the community response is that Plex’s handling of this security incident has been less than smooth. Users shouldn’t need to dig through SSH tunnels and edit configuration files just to access their own servers after a mandatory password reset. The fact that so many different workarounds exist suggests the underlying claiming system has some serious issues.

If you’re still locked out, try the local web interface method first since it’s the least invasive. For NAS and Docker setups, the manual claiming approaches have proven reliable, though they require more technical comfort.

Feel free to drop a comment below to let me know if any of these potential workarounds helped you or not. And in case you’ve stumbled upon a better method, share that in the comments below to help others stuck on the same boat. Thanks in advance!