LoginSecurity Icon



LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.

How does it work?

Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.


  • Register your account optional or required (change in config)
  • 5 useful commands to manage your password
  • Saving supported in SQLite and MySQL
  • Encryption available in: MD5, SHA, SHA-1, SHA-256, SHA-512 and PHPBB3
  • Custom encoder: UTF-8 and UTF-16
  • Customizeable login session
  • Customizeable login timeout
  • Custom min and max length for passwords
  • Messager API for client mods
  • User friendly experiance
  • Converter for xAuth (detects if xAuth is installed)
  • Easy to use
  • Blocks anything from happening before logged in (commands, movement ,etc.)
  • Supports blindness effect for login
  • Prevents being kicked by orther players loging in with your name

Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)


/lac - Admin command, rmpass and reload

/register <password> - Set your password

/rmpass - Removes your password

/login <password> - Login with your password

/changepass <old> <new> - change your password

/logout - Logout


  • ls.admin - allows admin command


This tutorial is outdated, alot of things have changed after v2.0
Orther tutorials: German (by MineCraftler4Live)

To do

  • MD5 support
  • Add an IP lock
  • Add a login session
  • Fix /changepass
  • Add a language.yml for language support
  • add login timeout
  • add ip checker
  • Suggestions?

Known Bugs

  • Players can mount/dismount and ride on vehicles while not logged in


This plugin is connecting to mojang services to conver old data to new UUID data. It sends a request for every single player stored in your database, wich only hapends if you upgrade from 2.0.8 or lower to 2.0.9 or higher. This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:

  • A unique identifier
  • The server's version of Java
  • Whether the server is in offline or online mode
  • The plugin's version
  • The server's version
  • The OS version/name and architecture
  • The core count for the CPU
  • The number of players online
  • The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.


If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner

LoginSecurity build server Hit couter

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of TheLordofNyrin TheLordofNyrin Aug 12, 2014 at 20:54 UTC - 0 likes

    people cannot move even if admin with this plugin, even after login, had to remove, using cauldron for MC 1.6.4 r1.0 going to find something else now. this was going to work great except none of my players can move!

  • Avatar of A11ert A11ert Aug 08, 2014 at 20:21 UTC - 0 likes

    @AvengeR9966: Go

    they hacked your account

    bij using a capital letter in the name

    so if your name is Nick

    someone can hack your account bij using a cracked clint en make a his name NICK or NiCk or NIck or ....

    this is somthing why this plugin does not work on MultiCraft or Linux servers on Windows this hack doesnt work

    look at the users who logget in on your server. if there are people with capital letters in the names

  • Avatar of xion87 xion87 Aug 08, 2014 at 12:21 UTC - 0 likes

    add a converter from authme

    Italian Server/Custom Mobs/Weapons/Minigames/HG/Skywars/more!

  • Avatar of satlagamer satlagamer Aug 04, 2014 at 16:42 UTC - 0 likes

    @tennya: Go

    Tennya, I already set the MySQL settings to "true" and it made a table called "ls_users". But when I player tries to register with password, the console displays error and MySQL table is still empty without any information.

  • Avatar of tennya tennya Aug 03, 2014 at 04:19 UTC - 0 likes

    @satlagamer: Go

    use prefix ls_ on your table

  • Avatar of ZabriskiePoint ZabriskiePoint Aug 02, 2014 at 14:44 UTC - 0 likes

    Баги плагина для версии 1.5.2 бесконечны http://griefing.ru/blogs/griefings/bugs-plugin-loginsecurity Bugs plugin LoginSecurity to version 1.5.2 infinite

    Last edited Aug 02, 2014 by ZabriskiePoint
  • Avatar of satlagamer satlagamer Jul 29, 2014 at 12:50 UTC - 0 likes

    The plugin is not working well on 1.7.5 and 1.7.9 and 1.7.10. Session option is not working and MySQL is not working, I guess because of the UUID system. Can you please update your amazing plugin to 1.7.9? :D

  • Avatar of raton023 raton023 Jul 28, 2014 at 19:41 UTC - 0 likes

    @live4redline: Go

    you must not create tables by yourself just create the username and password and the database directory then run the server the plugin must create the tables on your mysql

    let me know if it works

  • Avatar of live4redline live4redline Jul 27, 2014 at 20:17 UTC - 1 like

    I have the plugin running on each of my servers but wanted to put it on SQL. But when i do, it activates on startup, but once you i try to issue a /register or join the server i get SQL errors in console.

    Says "Failed to create User", "com.mysql.jdbc.exceptions/jdbc4.MySQLSyntaxErrorException: You have an eror in your SQL syntax... bla bla bla ....wcla at line 1."

    Any idea how to fix this? I have tried several things in the SQL setup and older versions of the plugin and many server restarts and re-installs. Can someone point me in the write direction?

  • Avatar of Maeso Maeso Jul 26, 2014 at 13:23 UTC - 0 likes

    This plugin protect force op?

    - invalid username using:

    /rmpass /lac


Date created
Jul 07, 2012
Last update
May 02, 2014
Development stage
  • enUS
GNU General Public License version 3 (GPLv3)
Curse link
Recent files