LoginSecurity
LoginSecurity
LoginSecurity is a lightweight password authorization plugin. You can optionally set a password each time you enter the server, adding a double layer of security to your account. The password is stored inside the configuration file, nobody else except the server owner can access or modify it.
How does it work?
Install the pluign to your /plugins/ directory, then start your server.
Type /register <password>, your account is now locked with a password.
For each time you login, make sure to use /login <password>.
Features
- Register your account optional or required (change in config)
- 5 Useful commands to mangage your password
- Advanced administrative control
- Advanced documentation via wiki
- Secure password storage using BCrypt
- Secure sessions storing to improve user experience
- Customizable time-out
- Map captcha upon registration (user friendly)
- Conversion from AuthMe and xAuth (check wiki for more info)
- Premium support through AutoIn
- Automatic update with changelog overview
- Username filtering (length and characters)
- Highly detailed configuration
- Automatically updated translation manager (user-submitted)
- Prevents being kicked by orther players loging in with your name
Session login allows the user to log in right after they logged out and not have to type in their password again. (1 minute time limit of being logged out, stores IP during that time to keep everything safe)
Commands
/lac - Admin command, rmpass and reload
/register <password> - Set your password
/login <password> - Login with your password
/changepass <old> <new> - change your password
/logout - Logout
Permissions
- loginsecurity.admin - allows admin command
- loginsecurity.update - shows update notifications
Video
Thanks to ServerMiner for making this informative tutorial
Orther tutorials: German (by MineCraftler4Live)
Planned
- Add translation interface for easier language selection
- Suggestions?
Known Bugs
- Players can mount/dismount and ride on vehicles while not logged in
Disclaimer
By default, LoginSecurity will check for updates from bukkitdev every 3 hours.
This feature can be disabled by setting "update-checker" to "false"
Anyone with the permission node ls.admin will be notified of updates, and it also able to download them via /lac update.
Which again can be disabled by disabling the update-checker
This plugin utilises Hidendra's plugin metrics system, which means that the following information is collected and sent to mcstats.org:
- A unique identifier
- The server's version of Java
- Whether the server is in offline or online mode
- The plugin's version
- The server's version
- The OS version/name and architecture
- The core count for the CPU
- The number of players online
The Metrics version Opting out of this service can be done by editing plugins/Plugin Metrics/config.yml and changing opt-out to true.
Additionally, when the language setting is changed, information is retrieved from lang.lenis0012.com to aquire up to date translations.
Links
- v3.0.2 - Download (18 - 1.15)
- Source code (GitHub)
- https://github.com/lenis0012/LoginSecurity-2/wiki (Wiki)
- https://github.com/lenis0012/Translations/wiki/Contribute (Translation Contribution)
Donate
If you want to support me working on this project, please donate.
It helps me alot to keep my projects up.
Donate at the top right corner
sure )
Is this works for 1.8.9?
For 1.10.
I understand what the messages mean. I don't understand - why it need to file placed outside the server??? There are two problems with this:
(1) I can't change the messages
and
(2) if author's server (let say) is down - plugin gets a problem.
One question please. During the loading I got:
[03:03:34] [Server thread/INFO]: [LoginSecurity] Enabling LoginSecurity v2.1.6
[03:03:34] [Server thread/INFO]: [LoginSecurity] Loading base translations from "en_us"
[03:03:34] [Server thread/INFO]: [LoginSecurity] Loading specified translations from "ru_ru"
[03:03:34] [Server thread/WARN]: [AutoSaveWorld] Plugin LoginSecurity attempted to establish connection http://lang.lenis0012.com/language/ru_ru in main ser$
[03:03:34] [Server thread/WARN]: [AutoSaveWorld] Plugin LoginSecurity attempted to establish connection socket://lang.lenis0012.com:80 in main server thread
What does it mean?
means the server tried to connect to the language files but failed. (I'm 98% sure)
that I don't know. But I'm guessing it's trying to connect to something, maybe it's related to the error above.
Do you have the plugin [AutoSaveWorld] on your server?
> Do you have the plugin [AutoSaveWorld] on your server?
Yes, I do.
I think it's not good idea to have a language file outside of MC server. It would be better if messages keep on my server. So I'd might to correct your mistakes ))
> means the server tried to connect to the language files but failed. (I'm 98% sure)
I understand that very well ))
But Why have you done so? As you can see it just creates additional difficulties.
> Do you have the plugin [AutoSaveWorld] on your server?
Yes, I do.
I think it's not good idea to have a language file outside of MC server. It would be better if messages keep on my server. So I'd might to correct your mistakes ))
Okay, then I have no idea. I'm not the author.
There is no russian translation
https://github.com/lenis0012/Translations
After change AuthMe onto LoginSecurity and during the first loading the game I got two new strange messages:
first:
[00:28:10] [Server thread/ERROR]: ebean.properties not found
and:
[00:28:10] [Server thread/INFO]: Explicit Identity on com.lenis0012.bukkit.loginsecurity.storage.PlayerInventory but not supported by DB Platform - ignored
what do they mean?
I'm going to take a guess that you are trying to transfer the passwords from AuthMe onto LoginSecurity?
Try following this page from the wiki: https://github.com/lenis0012/LoginSecurity-2/wiki/AuthMe-Conversion
When I installed LoginSecurity, I did everything from your manual.
I believe that not only logins were transfered but passwords )
But the matter is that.
The installation of LoginSecurity is in Past.
This message I got NOT during the installation. I got this message EVERY TIME when I start my server.
Okay, first of all, I'm not the author XD I'm just helping people.
If you are getting this error, I think you should just re-install the plugin and get rid of the old passwords. It's not that hard for the players to re-register.
> I'm not the author XD I'm just helping people.
So thank you very much for your help!
> I think you should just re-install the plugin and get rid of the old passwords.
During the install process I got no one message of any error. So I'm not sure that it could be resolve by re-installation.
> It's not that hard for the players to re-register.
2000 customers? Oh, no. I don't think it's great idea. And I don't want to solve _my_ problems by palyers.
> If you are getting this error, I think you should...
But what does mean that message?.. What if it can't find "ebean.properties"? Where this file should be placed?
The ebean errors can be ignored.
WIll be resolved in 2.2
Yes.
It occurs when the database driver is initiated
just make an empty ebean.properties file in main server directory @swordin
Shortcut ("l" instead of "login") that can be used as alternative to login/register command -- DOES NOT work.
In my config:
# Shortcut that can be used as alternative to login/register command. Does not replace the defaults
command-shortcut:
enabled: true
login: /l
register: /reg
why so? ((
=====
> Did you reload the plugin/server after updating the config?
Yes, OF COURSE! ) (Sorry for capslock)
> What does it say when you type /l?
It says:
"Login failed! Invalid password.
Please log in using /login <password>."
but short 'reg' works good!
What does it say when you type /l? Did you reload the plugin/server after updating the config? And please edit posts instead of creating new ones, which is annoying, unless your previous post got kicked down to the bottom of the page.
Shortcuts are broken.
Fix pending for 2.2