MC2FA - Two Factor Authentication in Minecraft 0.1.0

QR TOTP Two Factor Authentication

  1. ConnorLinfoot
    Tested Minecraft Versions:
    • 1.8
    • 1.9
    • 1.10
    • 1.11
    • 1.12
    Source Code:
    https://github.com/ConnorLinfoot/MC2FA
    Contributors:
    Connor Linfoot
    Everyday hundreds of Minecraft accounts are compromised, leading servers to also be prone to this fate. MC2FA is a two factor authentication plugin built to prevent compromised accounts resulting in compromised servers.

    MC2FA uses the well known Google Auth and TOTP authentication to generate a random 6 digit code which changes every 30 seconds. Setup is also quick and easy, a QR code is displayed in-game and can be scanned by mobile 2FA apps.

    Please Note: Currently this plugin is in a beta state while I make sure it works as expected without bugs or bypasses. It is possible that there is something I've missed that allows players to bypass the auth point of the login, hopefully this isn't the case but it is possible.​

    ▶ Features
    • Designed to work out of the box. Just copy the plugin into your plugins folder and restart your server.
    • Custom messages and prefix.
    • In-game QR display using maps.
    • Ability to force 2FA for players (or just OP)
    • Disables tasks such as player movement, block breaking, chat, inventory changes etc.
    ▶ Planned
    • BungeeCord support
    • MySQL support
    • Fallback key, allow players to be given a backup key in the case that they lose their 2FA device
    • Admin commands, allow staff to view players with 2FA and disable if needed
    • Auto-allow if on the same IP within a certain time (option)
    ▶ Requirements
    • Bukkit/Spigot 1.8 or later.
    • Java 8 or later.
    ▶ Reporting Bugs/Bypasses

    If you do happen to find any bugs or ways to bypass the authentication system I ask that you report non-critical issues on GitHub. If there is a critical bypass you can email [email protected]

    ▶ Screenshots

    [​IMG]
    [​IMG]
    Roy7885 likes this.

Recent Reviews

  1. skino0
    skino0
    2/5,
    Version: 0.1.0
    Im excited when i found this plugin.. but all works perfect until im gonna put for first time 2fa key from Authy app .. it says invalid key all keys i typed and i typed 5 different new keys , account is connected to app with correct OTP Label
  2. drtshock
    drtshock
    5/5,
    Version: 0.1.0
    Using it on https://www.minehut.com/ and working very well across many servers. Thanks for writing a free 2fa plugin that works great and has QR codes.
  3. R00t
    R00t
    5/5,
    Version: 0.1.0
    Simply a work of art, and using this on my server, great job with the code! I don’t know how you did it, thanks!
  4. oliverjdk
    oliverjdk
    5/5,
    Version: 0.1.0
    - - - - - - - - - - - - - - - - - - - - - - -
    Pls fix ip log else god plugin
    - - - - - - - - - - - - - - - - - - - - - - -
  5. untuned
    untuned
    5/5,
    Version: 0.1.0
    Once you add stuff like forcing people with permission, and adding admin commands, you could easily out-do md_5 with this. The only problem is that I hope it stays free :3
  6. BrettPlayMC
    BrettPlayMC
    5/5,
    Version: 0.1.0
    Amazing plugin! Works perfect and is free! I think you've out done md_5! Thanks for this piece of art!