LoginSecurity
LoginSecurity
LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.
How does it work?
Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.
Features
- Register your account optional or required (change in config)
- 5 Useful commands to mangage your password
- Advanced administrative control
- Advanced documentation via wiki
- Secure password storage using BCrypt
- Secure sessions storing to improve user experience
- Customizable time-out
- Map captcha upon registration (user friendly)
- Conversion from AuthMe and xAuth (check wiki for more info)
- Premium support through AutoIn
- Automatic update with changelog overview
- Username filtering (length and characters)
- Highly detailed configuration
- Automatically updated translation manager (user-submitted)
- Prevents being kicked by orther players loging in with your name
Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)
Commands
/lac - Admin command, rmpass and reload
/register <password> - Set your password
/login <password> - Login with your password
/changepass <old> <new> - change your password
/logout - Logout
Permissions
- loginsecurity.admin - allows admin command
- loginsecurity.update - shows update notifications
Video
Thanks to ServerMiner for making this informative tutorial
Orther tutorials: German (by MineCraftler4Live)
Planned
- Add translation interface for easier language selection
- Suggestions?
Known Bugs
- Players can mount/dismount and ride on vehicles while not logged in
Disclaimer
By default, LoginSecurity will check for updates from bukkitdev every 3 hours.
This feature can be disabled by setting "update-checker" to "false"
Anyone with the permission node ls.admin will be notified of updates, and it also able to download them via /lac update.
Which again can be disabled by disabling the update-checker
This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:
- A unique identifier
- The server's version of Java
- Whether the server is in offline or online mode
- The plugin's version
- The server's version
- The OS version/name and architecture
- The core count for the CPU
- The number of players online
The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.
Additionally, when the language setting is changed, information is retrieved from lang.lenis0012.com to aquire up to date translations.
Links
- v3.0.2 - Download (18 - 1.15)
- Source code (GitHub)
- https://github.com/lenis0012/LoginSecurity-2/wiki (Wiki)
- https://github.com/lenis0012/Translations/wiki/Contribute (Translation Contribution)
Donate
If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner
Comments
-
lenis0012 Owner
-
View User Profile
-
Send Message
Posted Jun 12, 2013Best Login Plugin Ever!!!
I researched a lot for plugins like this for my cracked server and this was the best I found! One thing I love on it is that the saved passwords are encripted! Another awesome thing is that users can choose if they want password or not!
-
View User Profile
-
Send Message
Posted Jun 12, 2013@ADAM_G_100
LoginSecurity v2.0.4-SNAPSHOT is out on our build.
Go ahead and download it.
Fixed metrics crashs.
Added admind command (/lac)
Added permission node: 'ls.admin' for the new command.
And some small fixes
-
View User Profile
-
Send Message
Posted Jun 11, 2013@lenis0012
please please re-add it ASAP :)
-
View User Profile
-
Send Message
Posted Jun 10, 2013Make a permission so that people cant use it...
-
View User Profile
-
Send Message
Posted Jun 9, 2013@broluigi
Make a copy if your LoginSecurity folder in case this goes wrong.
All you do is update the jar and it SHOULD update all the files automaticly.
If you ahve MySQL it should still work
@Stormshock892
The admin command has the highest priority at the moment.
I will see what i can do for you.
Maybe i am able to make a new dev build today
-
View User Profile
-
Send Message
Posted Jun 9, 2013@Broluigi
Just keep a backup in case this does not work.
-
View User Profile
-
Send Message
Posted Jun 9, 2013@Broluigi
Don't worry if you have to bring the server down to fix this, I'm sure the players will have no problem.
-
View User Profile
-
Send Message
Posted Jun 9, 2013@Broluigi
No it should not, but make sure you keep the old folder and plugin, if the configuration does not work just reload the old version. Just add the new Jar and keep the folder and it should work.
-
View User Profile
-
Send Message
Posted Jun 9, 2013@Stormshock892
but the Mysql! will it require me to delete it all? i have two years of player data here, donators and normals alike!
-
View User Profile
-
Send Message
Posted Jun 9, 2013@Broluigi
Click on the download button to get the plugin and then copy and paste your old plugins generated folder into the plugins folder with the new Jar file. Make sure you delete your old version of LoginSecurity first.
-
View User Profile
-
Send Message
Posted Jun 9, 2013Hi Lenis,
Sorry to bother you but I have a big server that, because of an exclusive firewall, has to run in offline mode. I downloaded your plugin and it was a lifesaver, but a multitude of players on it forgot their passwords, I checked their IPs and of course a few of them lied, but some did not. I really don't want to lose any other players passwords so I can't delete the users file . So I've switched to the alternative of creating a private plugin that copies down the passwords of the players on to a yml file. Please if you have the time make a way so I can reset the passwords of the players who legitimately forgotten it soon. I would code it but My computer has broken and I can only access the server from a SSH client on my phone. After I've bought a new one I can certainly help though.
Regards, Stormshock892
-
View User Profile
-
Send Message
Posted Jun 9, 2013@31032
/lac mean loginsecurity admin command
-
View User Profile
-
Send Message
Posted Jun 9, 2013I need help! I will donate 10 dollars if you can help me with this!
I am using version: 1.6.10 of loginsecurity and want to upgrade to R: LoginSecurity v2.0.3
how do i go about doing this? Do i have to completely make a new login thingy?
-
View User Profile
-
Send Message
Posted Jun 9, 2013@31032
I am really trying to find an hour where i can sit down and update LoginSecurity.
But
1) i have school and the laast weeks are the hardest.
2) I own a server wich needs work and time (mainly when you code alot of private plugins for it)
3) I have about 12 plugins at the moment and some of them dont even fully support 1.5.2 yet
So please be patiënt wand wait for the update.
I promise that it will be out as soon as i have time
-
View User Profile
-
Send Message
Posted Jun 7, 2013It's me again. I really need this plug-in improved on my Offline-Mode server. Here are some complaints: 1) What is /lac 2) Make a file where all the passwords are stored beside the username. 3) Actually make the blindness effect work! 4) Make it so that when logging in, you start at spawn, so if someone logs out at their base, they can't know the coords. Then, after doing /login password, teleport them to their last logged in location. 5) When they log in, give them a cleared inventory. Then, when they do /login password, they get their stuff back. IMPLEMENT ALL OF THESE.
-
View User Profile
-
Send Message
Posted Jun 7, 2013Blindness doesn't prevent you from checking the inventory and dropping items. Clicking the item will cancel the action but if you press A (or Q) the item will be dropped.
-
View User Profile
-
Send Message
Posted Jun 6, 2013Hi, I'm having a server error here randomly... It doesn't happen when I start the server or stop the server, it just happens randomly...
[WARNING] [LoginSecurity] Task #403 for LoginSecurity v2.0.3 generated an exception java.util.ConcurrentModificationException at java.util.HashMap$HashIterator.nextEntry(Unknown Source) at java.util.HashMap$KeyIterator.next(Unknown Source) at com.lenis0012.bukkit.ls.ThreadManager$3.run(ThreadManager.java:78) at org.bukkit.craftbukkit.v1_5_R3.scheduler.CraftTask.run(CraftTask.java:53) at org.bukkit.craftbukkit.v1_5_R3.scheduler.CraftScheduler.mainThreadHeartbeat(CraftScheduler.java:345) at net.minecraft.server.v1_5_R3.MinecraftServer.r(MinecraftServer.java:513) at net.minecraft.server.v1_5_R3.DedicatedServer.r(DedicatedServer.java:226) at net.minecraft.server.v1_5_R3.MinecraftServer.q(MinecraftServer.java:477) at net.minecraft.server.v1_5_R3.MinecraftServer.run(MinecraftServer.java:410) at net.minecraft.server.v1_5_R3.ThreadServerApplication.run(SourceFile:573)
-
View User Profile
-
Send Message
Posted Jun 5, 2013@JAHGoVeg
It'll be done by friday
-
View User Profile
-
Send Message
Posted Jun 3, 2013Desperately in need of the admin part of this plugin. It loses a lot of functionality without it. I love this plugin, and look forward to when it's reimplemented. any estimate as to how long till it's reimplemented?
-
View User Profile
-
Send Message
Posted Jun 3, 2013Is it possible to use no encryption? I backup my log files so I can go back to see what the password is if I wanted to anyways.. I tried turning encryption to false.
Thanks!