*** This plugin works best on 1.14.4+
The Issue
Every day server owners are at risk of having their accounts hijacked, hacked, or broken into. Just like you can with your online accounts, this plugin enables you to associate second device which is required to access your server.
What it Does
Once installed, users will be able to activate two factor authentication on their account. This will provide them with a code which can be entered into a phone or other device. Once two factor authentication has been enabled, users will be required to enter a constantly changing code before they can do anything.
Applications
Any rfc6238 application may be used to generate your two factor auth codes. I use Google Authenticator to test, however Authy, Microsoft Authenticator and Duo Mobile are all known to work as well.
Installation
Installing this plugin is very simple. Simply drop it into your plugins folder and restart the server. There is also MySQL support included, simply insert your details into the configuration and change the storage option to mysql.
BungeeCord
You can also drop the jar into BungeeCord's plugin folder and enable bungee in the Spigot plugin's config.yml to block BungeeCord commands when not authenticated.
Permissions
There is only one command: /2fa (alias: /auth), and it requires the minesecure.2fa permission (granted by default). You can use this command in a variety of ways:
Notes:
This plugin is fully UUID ready, it does not store any information by player name. SQLite is the preferred storage engine, however MySQL is also available.
Thanks:
Thanks for looking at this plugin. I do realize it is quite niche, however I do hope that you buy it - the code is top notch and I spent a lot of time perfecting it. If you have any suggestions or ideas I'd love to hear them.
Ideas for more features:
The more popular this plugin gets, the more of these features I'll implement:
The Issue
Every day server owners are at risk of having their accounts hijacked, hacked, or broken into. Just like you can with your online accounts, this plugin enables you to associate second device which is required to access your server.
What it Does
Once installed, users will be able to activate two factor authentication on their account. This will provide them with a code which can be entered into a phone or other device. Once two factor authentication has been enabled, users will be required to enter a constantly changing code before they can do anything.
Applications
Any rfc6238 application may be used to generate your two factor auth codes. I use Google Authenticator to test, however Authy, Microsoft Authenticator and Duo Mobile are all known to work as well.
Installation
Installing this plugin is very simple. Simply drop it into your plugins folder and restart the server. There is also MySQL support included, simply insert your details into the configuration and change the storage option to mysql.
BungeeCord
You can also drop the jar into BungeeCord's plugin folder and enable bungee in the Spigot plugin's config.yml to block BungeeCord commands when not authenticated.
Permissions
- minesecure.*: All permissions
- minesecure.2fa: Allow using two factor auth
- minesecure.admin: Remove two factor auth from other users
- minesecure.required: Force 2fa authentication
- minesecure.remove: Remove own 2fa authentication
There is only one command: /2fa (alias: /auth), and it requires the minesecure.2fa permission (granted by default). You can use this command in a variety of ways:
- /2fa: Set up two factor authentication. This will give you a map which you can scan into your phone or a code to copy down.
- /2fa <code>: Verify the code you received above to activate two factor auth, or log you in to your account if two factor auth is required.
- /2fa remove: Sorry to see you go, but this will remove two factor auth from your account.
- /2fa remove <user>: If you have the appropriate permission, this will remove two factor auth from another user.
- mysql: Enter your MySQL settings into these values (if desired)
- storage: sqlite or mysql, take your pick
- message: Customize various messages here
- code.url: Customize the URL which is given to users in their app. You will probably want to set this to include your Minecraft server. {0} is expanded to the secret code and {1} to the users name.
- code.window: Customize the window period for your code. This period defines how long a code can be used before or after it expires.
- session.time: Time length in minutes that IP addresses will be remembered and users won't have to auth again.
- command.throttle: Time in milliseconds between multiple command uses.
- bungeecord: Whether to enable BungeeCord support.
- Plugin must also be uploaded to BungeeCord and all servers.
Notes:
This plugin is fully UUID ready, it does not store any information by player name. SQLite is the preferred storage engine, however MySQL is also available.
Thanks:
Thanks for looking at this plugin. I do realize it is quite niche, however I do hope that you buy it - the code is top notch and I spent a lot of time perfecting it. If you have any suggestions or ideas I'd love to hear them.
Ideas for more features:
The more popular this plugin gets, the more of these features I'll implement:
- Remember last used IPs: No need to log on every single time if your IP is still the same. This will also enable BungeeCord support when used with MySQL. Implemented
- Way to force users to require 2fa Implemented
- BungeeCord sided edition Partially Implemented
- Can drop MineSecure.jar into BungeeCord to block commands there [1.14 only]
