I don’t seem to understand the heuristics behind the security alert emails.
My Roon instance is running on my PC. If I login in roonlabs.com from the same machine I shouldn’t get the security email, really. It’s the same public IP.
There are no other Roon instances with the same IP since this IP is mine.
We tell you when you login in case someone has logged in as you. It only happens if you type your password.
Your IP/location is just to help find some obvious bad cases, but note that in rare cases, a login can also happen from within your own network if it was compromised.
If you recently typed your password, you can safely ignore the email. But if you get 2 emails for 1 typing of your password, you probably were keylogged.
I always get these e-mails when I try to login to Valence to improve photos on Firefox on my iPad. The strange thing on my iPad (not on Windows or Android) is that Firefox doesn’t login automatically. I have to type my iPad login code. After that, my mail address appears and the password section is also filled. But when I try to tap the enter button, the password vanishes and I have to use the iPad code again. Only after this second attempt, I can login… and receive a mail notification.
Sending email alerts about new logins and 2FA (two-factor auth) are two different things, aren’t they? First factor is the password, so you still use your password with 2FA.
I don’t know anybody with 2FA that sends confirmation emails, especially when Roon logs in from the same IP range as your browser.
@danny: “a login can also happen from within your own network if it was compromised.”, so you got a report from a hacked user that music turned on unexpectedly? I am trying to understand the use-case here.