LoginSecurity Icon



LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.

How does it work?

Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.


  • Register your account optional or required (change in config)
  • 5 useful commands to manage your password
  • Saving supported in SQLite and MySQL
  • Encryption available in: MD5, SHA, SHA-1, SHA-256, SHA-512 and PHPBB3
  • Custom encoder: UTF-8 and UTF-16
  • Customizeable login session
  • Customizeable login timeout
  • Custom min and max length for passwords
  • Messager API for client mods
  • User friendly experiance
  • Converter for xAuth (detects if xAuth is installed)
  • Easy to use
  • Blocks anything from happening before logged in (commands, movement ,etc.)
  • Supports blindness effect for login
  • Prevents being kicked by orther players loging in with your name

Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)


/lac - Admin command, rmpass and reload

/register <password> - Set your password

/rmpass - Removes your password

/login <password> - Login with your password

/changepass <old> <new> - change your password

/logout - Logout


  • ls.admin - allows admin command


This tutorial is outdated, alot of things have changed after v2.0
Orther tutorials: German (by MineCraftler4Live)

To do

  • MD5 support
  • Add an IP lock
  • Add a login session
  • Fix /changepass
  • Add a language.yml for language support
  • add login timeout
  • add ip checker
  • Suggestions?

Known Bugs

  • Players can mount/dismount and ride on vehicles while not logged in


This plugin is connecting to mojang services to conver old data to new UUID data. It sends a request for every single player stored in your database, wich only hapends if you upgrade from 2.0.8 or lower to 2.0.9 or higher. This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:

  • A unique identifier
  • The server's version of Java
  • Whether the server is in offline or online mode
  • The plugin's version
  • The server's version
  • The OS version/name and architecture
  • The core count for the CPU
  • The number of players online
  • The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.


If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner

LoginSecurity build server Hit couter

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of LordDWT LordDWT Jul 26, 2015 at 22:00 UTC - 0 likes

    @StealthBravo: Go

    Looks liked its gone now. Good work!

  • Avatar of gabrielgugo gabrielgugo Jul 23, 2015 at 02:06 UTC - 0 likes

    As I get VIPs and ordinary users have to log in, you only have to press the op Jump to content Log

  • Avatar of Kritexx Kritexx Jul 18, 2015 at 15:59 UTC - 0 likes

    Could you please put converter from Authme to Loginsecurity?

  • Avatar of chashbot chashbot Jun 27, 2015 at 13:35 UTC - 0 likes

    /lac rmpass doesnt work? It always says invalid username...?

  • Avatar of StealthBravo StealthBravo Jun 26, 2015 at 03:17 UTC - 0 likes

    @kbalor: Go

    @LordDWT: Go

    I have posted to the topic calling the author out on his stupidity. https://www.spigotmc.org/threads/login-security-2.55847/page-2#post-819014

    I've also reported it, hopefully it gets taken down.

    BFAK:90607902,2c101e584d58ca7a118e751fa53a0f50d93cfe1bea9527c8a403566f7c378816 minecraftforum.net Moderator - http://www.minecraftforum.net/user/1094033-stealthbravo/

  • Avatar of kbalor kbalor Jun 24, 2015 at 09:34 UTC - 0 likes

    @LordDWT: Go

    yep because taking someones work without permission is forbidden and unacceptable.

  • Avatar of LordDWT LordDWT Jun 02, 2015 at 22:53 UTC - 0 likes


    Your project was copied directly on Spigot forums:


    He claims you have abandoned your project and is continuing your work. I don't know if it matters or not but I thought you might like to know.

  • Avatar of BotanistT BotanistT May 31, 2015 at 15:32 UTC - 0 likes

    Could you please add option that before you are logged into your account you are teleported to spawn and when you login you are back to your previous location. This would be really cool because some people may get your location in this way (coordinates)

  • Avatar of lenis0012 lenis0012 May 25, 2015 at 21:13 UTC - 0 likes

    The Jenkins dev builds are back up btw. =)

  • Avatar of lenis0012 lenis0012 May 25, 2015 at 18:34 UTC - 0 likes

    @Rouchesta: Go

    this issue was resolved a while ago. @RedLegJohnny: Go

    This issue is not related to my plugin.

    On a side note of things, its been quiet for a while, but im working on a new version should be out soon Feel free to PM me if i forget about it ;P


Date created
Jul 07, 2012
Last update
Oct 27, 2014
Development stage
  • enUS
GNU General Public License version 3 (GPLv3)
Curse link
Recent files