LoginSecurity Icon



LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.

How does it work?

Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.


  • Register your account optional or required (change in config)
  • 5 Useful commands to mangage your password
  • Advanced administrative control
  • Advanced documentation via wiki
  • 5 Secure password algorithms: BCrypt, SCrypt, PBKDF2, Whirlpool and SHA3_256
  • Secure sessions storing to improve user experiance
  • Customizable time-out
  • Map captcha upon registration (user friendly)
  • Conversion from AuthMe and xAuth (check wiki for more info)
  • Premium support through AutoIn
  • Automatic update with changelog overview
  • Username filtering (length and characters)
  • Highly detailed configuration
  • Automatically updated translation manager (user-submitted)
  • Prevents being kicked by orther players loging in with your name

Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)


/lac - Admin command, rmpass and reload

/register <password> - Set your password

/rmpass - Removes your password temporary removed in 2.1

/login <password> - Login with your password

/changepass <old> <new> - change your password

/logout - Logout


  • loginsecurity.admin - allows admin command
  • loginsecurity.update - shows update notifications


Thanks to ServerMiner for making this informative tutorial
Orther tutorials: German (by MineCraftler4Live)


  • Add translation interface for easier language selection
  • Suggestions?

Known Bugs

  • Players can mount/dismount and ride on vehicles while not logged in


By default, LoginSecurity will check for updates from bukkitdev every 3 hours.
This feature can be disabled by setting "update-checker" to "false"
Anyone with the permission node ls.admin will be notified of updates, and it also able to download them via /lac update.
Which again can be disabled by disabling the update-checker

This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:

  • A unique identifier
  • The server's version of Java
  • Whether the server is in offline or online mode
  • The plugin's version
  • The server's version
  • The OS version/name and architecture
  • The core count for the CPU
  • The number of players online

The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.
Additionally, when the language setting is changed, information is retrieved from lang.lenis0012.com to aquire up to date translations.


If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner

LoginSecurity build server

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of lenis0012 lenis0012 Aug 21, 2016 at 17:31 UTC - 0 likes

    @plachta3: Go

    Im very sorry that you are experiance these severe issues May i recommend disabling hide-inventory for the time being, i will have a fix for this issue in the next version

    Follow me on twitter for updates: @lenis0012

  • Avatar of lenis0012 lenis0012 Aug 21, 2016 at 17:31 UTC - 0 likes

    @CronanDrkGameYT: Go

    could you report these messages?

  • Avatar of CronanDrkGameYT CronanDrkGameYT Aug 18, 2016 at 16:44 UTC - 0 likes

    I put it on my server but when i do it keeps putting warn msgs in console and wont let anyone register or login.

  • Avatar of plachta3 plachta3 Jul 31, 2016 at 14:23 UTC - 0 likes


    All players who log out and log in lost all their items from inventory.

    • LoginSecurity v2.1.4 (Jul 18, 2016)
    • i have fresh install (i remove old config and setup new database)
    • only mySQL configured if i remember
    • remove inventory for all players who logout for longer then 1 minute (limit for password less login)
    • my server run spigot-1.10.2-R0.1-SNAPSHOT
    • hide-inventory: true -> hide-inventory: false fix this issue
  • Avatar of hutt132 hutt132 Jul 25, 2016 at 21:49 UTC - 0 likes

    @lenis0012: Go

    Thank you. Here's my config if needed: http://pastebin.com/NxmRyNtV I'm using MySQL for the database.

  • Avatar of lenis0012 lenis0012 Jul 24, 2016 at 18:02 UTC - 0 likes

    @hutt132: Go

    i will take a look at it.

  • Avatar of hutt132 hutt132 Jul 23, 2016 at 06:30 UTC - 0 likes

    Using v2.1.4 with Spigot. Getting this error whenever a player joins: http://pastebin.com/Auk97ND3

  • Avatar of lenis0012 lenis0012 Jul 20, 2016 at 17:59 UTC - 0 likes

    @zhongshinan: Go

    Contact me through PM :)

  • Avatar of zhongshinan zhongshinan Jul 20, 2016 at 03:49 UTC - 0 likes

    Hello.I come from China.I want to take this plugin to MCBBS.Can you agree with me? www.mcbbs.net

    Thank you

  • Avatar of lenis0012 lenis0012 Jul 18, 2016 at 06:05 UTC - 1 like

    @ServerMiner: Go

    We already use this tutorial on our page :)

    I found it on youtube a while ago and really liked it.
    Could you guys do one on Marriage Reloaded?

    @ThisUsernameIsMine: Go

    Thanks for helping people out.
    v2.1.4 has been uploaded and should resolve a lot of issues regarding the rmpass command.