Samba no longer has a "security = shared" setting, including on the version used by FreeBSD 11.
"The most common settings are security = share and security = user... In share level security, clients do not need to log onto the server with a valid username and password before attempting to connect to a shared resource. This was the default security model for older versions of Samba."
Ideally this would be replaced by some instructions for creating a public share without "security = share", maybe with "map to guest = Bad User" (I'm not clear on the details so did not attempt a patch myself).