LoginSecurity Icon



LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.

How does it work?

Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.


  • Register your account optional or required (change in config)
  • 5 useful commands to manage your password
  • Saving supported in SQLite and MySQL
  • Encryption available in: MD5, SHA, SHA-1, SHA-256, SHA-512 and PHPBB3
  • Custom encoder: UTF-8 and UTF-16
  • Customizeable login session
  • Customizeable login timeout
  • Custom min and max length for passwords
  • Messager API for client mods
  • User friendly experiance
  • Converter for xAuth (detects if xAuth is installed)
  • Easy to use
  • Blocks anything from happening before logged in (commands, movement ,etc.)
  • Supports blindness effect for login
  • Prevents being kicked by orther players loging in with your name

Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)


/lac - Admin command, rmpass and reload

/register <password> - Set your password

/rmpass - Removes your password

/login <password> - Login with your password

/changepass <old> <new> - change your password

/logout - Logout


  • ls.admin - allows admin command


This tutorial is outdated, alot of things have changed after v2.0
Orther tutorials: German (by MineCraftler4Live)

To do

  • MD5 support
  • Add an IP lock
  • Add a login session
  • Fix /changepass
  • Add a language.yml for language support
  • add login timeout
  • add ip checker
  • Suggestions?

Known Bugs

  • Players can mount/dismount and ride on vehicles while not logged in


If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner

LoginSecurity build server

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of MadFactory MadFactory Apr 19, 2014 at 15:10 UTC - 0 likes

    Hi, i'm trying to use your plugin for my server. My users create an account on my server's website, with a password. I want to use that password to login in the game.

    Then I set up the MySQL DB and when I register from the game with /register <password> it works fine. But when I try to add a player in the database from PHP, it doesn't works ! I'm using SHA-1 algorithm, and i proceed like that :


    When I try to login in the game, i got an "Invalid password" error... Then i tried to register from the game an other account with the same password. In my MysqlDB, the two password fields are exactly the same. It works with the in-game registered account, not with the myself-registered...

    So i think it's an encoding issue, i'm using UTF-8 with php and with the plugin. BTW, the Mysql table created by the plugin have a "latin1_swedish_ci" instead of utf8 (it doesn't matter i think).

    Can you help me ? Here is my code if needed :

    mysql_query("use loginsecurity",$db);
    mysql_query("insert into users values (\"".utf8_encode("mytest")."\",\"".utf8_encode(base64_encode(sha1("password",1)))."\",3,\"".utf8_encode("/".$_SERVER['REMOTE_ADDR'])."\")",$db) or die (mysql_error());


    PS: what's the utility of the IP field ?

    Last edited Apr 19, 2014 by MadFactory
  • Avatar of ferfried ferfried Apr 17, 2014 at 23:21 UTC - 0 likes

    Nevermind, I already got it working.

    If there is / will be anyone having the same problems, the solution that worked for me was adding "essentials.help.loginsecurity" to my permissions-file.

    You're welcome, bye. ;)

  • Avatar of ferfried ferfried Apr 17, 2014 at 16:37 UTC - 0 likes

    Does anyone have an idea what the permissions-node is to see login-security help? I am using PermissionsEX and set the permissions so the players can use the commands /register, /login, /changepass & /logout.

    These can be used without any problems, still nobody can view the commands using /help or /help loginsecurity except me as the operator.

    Further information: We are using Essentials but everyone of the players got the permission essentials.help

  • Avatar of Deatknight842 Deatknight842 Apr 17, 2014 at 06:33 UTC - 0 likes

    Forgive me for not checking first but I'm rather busy. Does anyone know if login security MySQL has support for a sessions table? That way the users will keep their session switching between servers?

  • Avatar of lenis0012 lenis0012 Apr 17, 2014 at 06:04 UTC - 0 likes

    @wildertnis: Go

    if you relog there is a 60 second session. Wich means if you join back within 60 seconds using the same ip you will be automacly logged in.

    This can be configured.

    @streetkilln: Go

    What do you mean by that?

    lenis0012.com (Comming soon)

  • Avatar of streetkilln streetkilln Apr 16, 2014 at 02:34 UTC - 0 likes

    can u set login for certain groups?

  • Avatar of wildertnis wildertnis Apr 15, 2014 at 19:46 UTC - 0 likes

    Players that use /register [password] don't have to login when they leave my server and join again. It Works with me, but not with other players.

    any help?

  • Avatar of lenis0012 lenis0012 Apr 15, 2014 at 15:17 UTC - 0 likes

    UUID hotfix uploaded to jenkins. Could some people help me testing?

    Make sure to create backups and read the log when starting

  • Avatar of Quaziz Quaziz Apr 07, 2014 at 20:24 UTC - 0 likes

    as i have registration though my website i dont like the message "Please register using /register <password>". It should not be possible to do the registration in game. My suggestion are therefore the possibility to change or remove this message.

    My second suggestion is the possibility to use an other table than users. Two easy config setting.

    ty for a usefull plugin!

  • Avatar of HaoSs HaoSs Apr 04, 2014 at 00:33 UTC - 0 likes

    my i suggest adding java mail ? making it able to register via mail. and recover password via mail


Date created
Jul 07, 2012
Last update
Mar 13, 2014
Development stage
  • enUS
GNU General Public License version 3 (GPLv3)
Curse link
Recent files