Trusted Reviews may earn an affiliate commission when you purchase through links on our site. Learn More

This Kodi feature can be used to spy on you – here’s how to stop it

Something you may – or may not – know is that Kodi bundles an unsecured IP-based Remote Access feature, leaving your entertainment system and all of its contents vulnerable to hackers. Don’t panic, though: hiding your media from nosey parkers couldn’t be easier. Here’s how.

Believe it or not, the only thing you need to do to secure Kodi is add a layer of password protection – and that can be done by heading into the Control section of the System Settings menu. We should note, however, that you’re going to want to choose a random, secure passcode – no, your dog’s name won’t do, and please don’t use ‘Kodi’ either.

If you’re struggling to come up with something unique, we suggest using a password generator to generate an arbitrary phrase. Those looking to add an extra layer of protection should ensure it exceeds 12 characters and includes at least two symbols, which will make it significantly harder to crack.

TorrentFreak explains the vulnerability as follows:

While browsing someone’s addons isn’t the most engaging thing in the world, things get decidedly spicier when one learns that the Chorus 2 interface allows both authorized and unauthorized users to go much further.

For example, it’s possible to change Kodi’s system settings from the interface, including mischievous things such as disabling keyboards and mice. […] it can also give away system usernames, for example.

But aside from screwing with people’s settings (which is both pointless and malicious), the Chorus 2 interface has a trick up its sleeve. If people’s Kodi setups contain video or music files (which is what Kodi was originally designed for), in many cases it’s possible to play these over the web interface.

In basic terms, someone with your IP address can view the contents of your video library on the other side of the world, with just a couple of clicks.

Related: Best VPN

The Kodi system requires a username and password – both set to “admin” by default – to take advantage of Remote Access, and adding a passcode acts as a barrier between your media and prying eyes. That said, any system can be hacked, but following the aforementioned steps should reduce the risk.

Related: how to install Kodi

Unlike other sites, we thoroughly review everything we recommend, using industry standard tests to evaluate products. We’ll always tell you what we find. We may get a commission if you buy via our price links. Tell us what you think – email the Editor