- Tested Minecraft Versions:
- Source Code:
Uses hashing and salting to secure passwords in such a way that even I can't tell you what they are
- Password Security
Limited login attempts allow you to run a custom command when a player gets their password wrong too many times. By default, the limit is 3 attempts and then the player is kicked. both the limit and the command that is run can be changed.
- Limited Login Attempts
Because I haven't put in a lot of fancy features the plugin is lite and easy to run making it perfect for small and massive servers
- Simple and Fast
If you have a MySQL database for your Minecraft server, LapisLogin can use this to store our player data so that it's not stored on disk. This allows you to thereticly push passwords out over multiple servers in a network. You can also use SQLite if you wish
- MySQL and SQLite Database Support
If you don't want all players to be required to register then you only need to give the permission lapislogin.optional to the players you want to be able to register and lapislogin.required to people who must register. Other players can still register if they wish but it won't be a requirement. This might be handy if you want to force staff to secure their account but don't want to force players too.
- Optional Registration
Inventory Hiding allows the server to temporarily store a players inventory while they aren't logged in. This stops a player from getting information about the items you have in your inventory that might allow special permissions or access to areas of the server.
- Inventory Hiding
This only applies to players who are registered but not logged in or players who are required to register but haven't. These players will not be able to move, chat, use commands other than /login and /register, access inventories like chests and alter their own inventory if inventory hiding is disabled
- Player Locking
All messages but command usage are editable and translatable should you wish to do so. This also allows you to theme the messages to match the theme of your server. The messages also have primary and secondary colours meaning you only have to change 2 values to change the colours of all the messages in an effortless way
- Customization for Messages
without any arguments, this command displays plugin information
- /lapislogin (help, reload or update)
Help: displays a list of all commands that you have permission to use and tells you what each does
Reload(requires admin permissions): Reloads the config.yml and the Messages.yml from disk
Update(requires admin permissions): Checks for an update, if an update is available it will be downloaded to be installed the next time the server starts
This command allows the player to login after this command is run the player will be allowed to move and be given back their inventory if inventory hiding is on
- /login (Password)
The password entered must match the one used at registration for the command to be successful
This command will lock players account so that they will need to log in again regardless of how long they are offline,
this could be helpful if someone doesn't trust a friend or family member who has access to their computer.
it will also hide the player's inventory if inventory hiding is enabled
This command registers the player's password to the server, this command must be run to secure an account and will be required by any player with the lapislogin.required permission before
- /register (Password) (Password)
they are allowed to do anything(e.g. use chat, move, access inventory etc)
both passwords must match for this command to be successful
This command allows a player to change their password. The player must be logged in to use the command
- /changepassword (OldPassword) (NewPassword) (NewPassword)
the command fails if the old password is incorrect or if the new passwords don't match
(This is an admin command)
- /resetpassword (player)
This command will de-register a player, forcing them to use the register command again. The main use of this command is for players who have forgotten their password.
The command will also hide a players inventory and send them a message to re-register if they are online and have the lapislogin.required permission
Players with this permission or lapislogin.required will be allowed to login, any players without either of these permissions won't event know the plugin is there
Players with this permission will be forced to register before they are allowed to interact with the server
allows the player to reset other players passwords with /resetpassword
Information about how to use the API can be found on the JavaDocs
Simply get an instance of the LapisLoginAPI class with your plugin class and call the LapisLoginAPIPlayer method with the UUID to get the player object.
If you have made an add-on for LapisLogin and would like to see it featured here, just send me a private message with a download like. preferably a GitHub release page.
LapisLoginStrength: This add-on allows you to specify a password strength that must be reached before a player can use that password. this means you can stop the player from using weak passwords. it makes use of zxcvbn4j which is a great API for password strength testing.
The plugin will automatically check for updates and notify you when one is available. you can enable update downloading, this means that the plugin will automatically download and install updates the moment they come out. You can also force the server to check for and download available updates with /lapislogin update
This plugin can collect data about how many players and servers are using it and what specifications they have.
The source code can be found HERE, If you want to contribute, please use pull requests or the issues system on GitHub.
500 - ✘
1,000 - ✘
1,500 - ✘
2,000 - ✘
Lapis Login 1.1.4
A simple way to secure your players accounts