LoginSecurity
LoginSecurity
LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.
How does it work?
Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.
Features
- Register your account optional or required (change in config)
- 5 Useful commands to mangage your password
- Advanced administrative control
- Advanced documentation via wiki
- Secure password storage using BCrypt
- Secure sessions storing to improve user experience
- Customizable time-out
- Map captcha upon registration (user friendly)
- Conversion from AuthMe and xAuth (check wiki for more info)
- Premium support through AutoIn
- Automatic update with changelog overview
- Username filtering (length and characters)
- Highly detailed configuration
- Automatically updated translation manager (user-submitted)
- Prevents being kicked by orther players loging in with your name
Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)
Commands
/lac - Admin command, rmpass and reload
/register <password> - Set your password
/login <password> - Login with your password
/changepass <old> <new> - change your password
/logout - Logout
Permissions
- loginsecurity.admin - allows admin command
- loginsecurity.update - shows update notifications
Video
Thanks to ServerMiner for making this informative tutorial
Orther tutorials: German (by MineCraftler4Live)
Planned
- Add translation interface for easier language selection
- Suggestions?
Known Bugs
- Players can mount/dismount and ride on vehicles while not logged in
Disclaimer
By default, LoginSecurity will check for updates from bukkitdev every 3 hours.
This feature can be disabled by setting "update-checker" to "false"
Anyone with the permission node ls.admin will be notified of updates, and it also able to download them via /lac update.
Which again can be disabled by disabling the update-checker
This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:
- A unique identifier
- The server's version of Java
- Whether the server is in offline or online mode
- The plugin's version
- The server's version
- The OS version/name and architecture
- The core count for the CPU
- The number of players online
The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.
Additionally, when the language setting is changed, information is retrieved from lang.lenis0012.com to aquire up to date translations.
Links
- v3.0.2 - Download (18 - 1.15)
- Source code (GitHub)
- https://github.com/lenis0012/LoginSecurity-2/wiki (Wiki)
- https://github.com/lenis0012/Translations/wiki/Contribute (Translation Contribution)
Donate
If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner
Comments
-
lenis0012 Owner
-
View User Profile
-
Send Message
Posted Jun 12, 2016@hutt132
that must be it.
I will work on fixing it tomorrow, heading to bed for now
-
View User Profile
-
Send Message
Posted Jun 12, 2016@lenis0012
The password-required option is set to false.
-
View User Profile
-
Send Message
Posted Jun 12, 2016Thank you SO MUCH for reporting bugs in the new alpha builds guys <3
If you are a new user, try 2.0.14 first, it has fewer bugs (for now) =)
@boringwolf
Did it give any errors? It should support it in alpha 3
@hutt132
so it sais you were registered while you were not? Do you have the password-required option enabled? I haven't tested that yet.
-
View User Profile
-
Send Message
Posted Jun 11, 2016I just installed this plugin and I try to /register and it says I'm already registered. I then do /login and it says I'm not registered or already signed in. I then do /logout and it says I'm not signed in.
What's going on? There are no errors in the console.
Spigot 1.10 LoginSecurity v2.1 ALPHA-003
-
View User Profile
-
Send Message
Posted Jun 11, 2016@lenis0012
It doesn't work with AutoIn. Will it work on the release version?
-
View User Profile
-
Send Message
Posted Jun 9, 2016Alright guys,
An alpha build for LoginSecurity 2.1 has bee submitted to bukkit.
Please grab a download and test it for just 5 minutes on a local server.
Let me know, i'm excited to do a full release soon!
@dylanisawesome1
lol dylan =P
-
View User Profile
-
Send Message
Posted Jun 8, 2016what is it doing?
-
View User Profile
-
Send Message
Posted Jun 6, 2016@Azfaloth
I will consider adding support for it
EDIT: Seems it already supports it?
-
View User Profile
-
Send Message
Posted Jun 6, 2016hello! Does this plugin have support for Auto-In?
https://www.spigotmc.org/resources/auto-in.578/
If not, could you please consider adding it in if possible?
https://github.com/GotoFinal/AutoIn/wiki/AuthPlugins#how-can-i-use-the-api-to-provide-support-for-my-plugin
Thanks a lot,
Azfaloth
-
View User Profile
-
Send Message
Posted Jun 5, 2016LoginSecurity 2.1 Alpha builds are going live within the next few days.
It would make me very happy if some of you guys could help me test it.
I don't recommend you to run it on your normal server, but maybe on a local one.
If everything goes well i will be able to post LoginSecurity's biggest update EVER very soon =D
-
View User Profile
-
Send Message
Posted Jun 5, 2016@Superman785
I don't know im sorry :( V2.1 is coming out very soon and im 100% sure the issue will be fixed in there. It will also be compatible on 1.7-1.9
-
View User Profile
-
Send Message
Posted Jun 4, 2016Hello, I downloaded this, It works great for 1.7.9. However, When I try and remove someone elses password using the admin command, It says "Invalid Username".
Please tell me why this is happening and how I can fix it.
-
View User Profile
-
Send Message
Posted Jun 3, 2016@Bartusiak
I am currently working on 2.1 I hihgly doubt it will happen in this version =)
@Tzzzt123
I've already said once before that AuthMe SHA256 will be supported in 2.1
-
View User Profile
-
Send Message
Posted Jun 3, 2016Can you add a authMe converter please? And is it possible to add a command as /lac changepassword <Player> <NewPass> Thanks Tzzzt123
-
View User Profile
-
Send Message
Posted May 27, 2016@lenis0012
Yes this plugin . Players are on cords 0 0 0 and for example in the nether/ the end flying down and dying.
Your plugin good work only in first world when you have "ON" fake cords.
-
View User Profile
-
Send Message
Posted May 26, 2016@Thoughtyness
It's true that hashing is very different from encryption. but thats the technical term behind it. For the average english person "encryption" has the same meaning as "obscuring" "hashing" is a more unkown term the average server owner.
@Theone102
I will look into adding this feature. basically, you want a required permission, where anyone with permission X is forced to register.
@Grellas
Yeah thats quite problematic. Ill try tot hink of something
@Blackyvk
next week
@mirolm
thanks for praising me :P LoginSecurity 2.1 is going to have this issue fixed along with some other neat changes. You can check the 2.1 branch on github if you want
@Bartusiak
is this an issue caused by my plugin? ill do some testing :)
@saintblair
I will add some method to recover a password :)
-
View User Profile
-
Send Message
Posted May 25, 2016i have a suggestion for a feature to add,
add password recovery via registerd email adress simply sends an email to you with your current password if you forgot ur password.
current:
1.) forget your password ur gonna have hell trying to get back into ur account, after that its easy to keep/change.
2.) if you login to a different account to get staff help, if one is even on and then if they can and know how/cant and knows how or just cant do it.
please add for 1.8+
id absolutely love ur plugin then. =P <3
-
View User Profile
-
Send Message
Posted May 19, 2016Hi !
I have problem with plugin. When people are disconnected in nether/the end and they want to come back to game, they are on cords X:0 Y:0 Z:0 and they are flying down to nothingness and die. What can I do ?
I have spigot 1.9.4
-
View User Profile
-
Send Message
Posted May 18, 2016@Blackyvk
I keep a fork of the plugin source for my server where i changed some stuff:
- removed player names from plugin and changed to uuid's to fix case insensitivity problem. this fixed sessions extending too. - merged translations changes by adiras. - removed metrics and updater to make building easier. - moved invalid nick checks and player online check to prelogin event, so player list on tab key does not get corrupted when player is kicked (happens with skinsrestorer plugin). - removed some deprecated api calls.
1.9 version of LoginSecurity added log filter, so player passwords are not visible which is really great. Big kudos for this change.
@lenis0012 i see some of my players try to use /l instead of /login - maybe other plugins have that feature. Is it possible to have this alias of "login", so it is faster to join server.
-
View User Profile
-
Send Message
Posted May 17, 2016any eta on 2.1 ? i really want to switch to this plugin, seems more stable than any other but the case insensivity is a real problem.