
Op Login
OpLogin keeps operator accounts safe by locking admin privileges until the real player authenticates. It adds a simple extra layer of protection against stolen accounts, shared access, and accidental permission abuse.
- Загрузки
- 2K
- Подписчики
- 7
- Обновлён
- 11 марта 2026 г.
- Лицензия
- MIT
Опубликован 5 августа 2024 г.
OpLogin
OpLogin is a Paper plugin that keeps operator accounts usable for normal gameplay while locking operator privileges behind authentication. Operators join in a locked state, unlock only when needed, and return to a protected state automatically or manually.
Features
- Locked operator sessions that disable operator privileges until authentication.
- BCrypt password storage with one-time migration support for older AES-encrypted entries.
- Chat-safe password login flow:
/oploginstarts login and the next chat message is captured privately. - Optional PIN keypad mode with randomized digit positions and custom number heads.
- Manual
/oplogoutsupport that immediately locks privileges and clears trusted IP auto-login state. - Sensitive command protection that overrides whitelist mistakes for high-risk commands.
- Temporary unlock timeouts and optional auto-locking after sensitive commands.
- Failed login attempt tracking with temporary blocking.
- Operator command audit logging.
- Emergency
/oplockdowncommand to force all online operators back into the locked state. - Trusted IP auto-login support that only applies after a successful authenticated login.
Commands
/opsetpass <player> <password>Console-only. Sets or replaces an operator credential./oploginStarts authentication. In password mode the next chat message is treated as the password. In PIN mode a keypad GUI opens./oplogoutLocks the current operator session immediately and clears remembered IP login for that operator./resetop <player>Console-only. Removes an operator credential./opreloadConsole-only. Reloads config and whitelist data./oplockdownConsole-only. Forces all online operators back into the locked state.
Authentication Modes
Password Mode
- Default mode.
- Operators use
/oplogin, then type their password in chat. - Passwords must meet
security.min-password-length.
PIN Mode
- Optional and disabled by default.
- Operators use
/oploginand receive a randomized keypad GUI. - Stored credentials must be numeric and match
security.pin-mode.length. - Number head textures in the keypad use assets from minecraft-heads.com.

Important Mode Change Behavior
- Switching between password mode and PIN mode resets all stored operator credentials and trusted IP entries on the next startup or
/opreload. - This is intentional so text passwords cannot remain active in PIN mode, and PIN-only credentials do not carry over into password mode.
Installation
- Download the latest jar.
- Place it in the server
pluginsdirectory. - Start the server once to generate
config.ymlandwhitelist.yml. - Configure the plugin and reload or restart the server.
Configuration
config.yml
Relevant options:
security:
min-password-length: 8
max-login-attempts: 3
block-duration: 15
enable-ip-auto-login: true
unlock-duration-seconds: 300
auto-lock-ops-on-join: true
pin-mode:
enabled: false
length: 4
title: '&8OpLogin PIN'
Notes:
enable-ip-auto-loginremembers the IP only after a successful authenticated login.- Using
/oplogoutclears the remembered IP for that operator immediately. - If PIN mode is enabled, credentials set with
/opsetpassmust be numeric and match the configured PIN length.
whitelist.yml
Commands listed here can still be used while locked, except for sensitive commands that are always blocked until authentication.
Default example:
whitelisted-commands:
- help
- oplogin
- list
- ping
Usage
Set a Credential
Use /opsetpass <player> <password> from the console.
Log In
Use /oplogin.
Log Out
Use /oplogout to re-lock privileges without leaving the server.
Reset a Credential
Use /resetop <player> from the console.
Compatibility
- Minecraft: Paper 1.21.x
- Java: 21
Credits
- PIN keypad head textures: minecraft-heads.com
Ченджлог
1.4.1Релиз1.21.9, 1.21.10, 1.21.11 · 11 марта 2026 г.
[1.4.1]
Fixed
- Restarting the server no longer causes plugin-locked operators to lose their operator status.
- Added recovery tracking so operator accounts temporarily de-opped by OpLogin are restored safely on the next startup.
1.4.0Бета1.21.9, 1.21.10, 1.21.11 · 11 марта 2026 г.
[1.4.0]
Added
- Locked operator session system that disables operator privileges until authentication.
- Manual
/oplogoutcommand. - Emergency
/oplockdowncommand. - Sensitive command protection for high-risk administrative commands.
- Operator audit log for authenticated operator command usage.
- Temporary unlock timeout support.
- Optional auto-lock after sensitive commands.
- Optional PIN keypad login mode with randomized digit placement.
- Custom number-head keypad assets with credit to
minecraft-heads.com.
1.3.0Релиз1.21.5, 1.21.6, 1.21.7 · 8 июля 2025 г.
[1.3.0]
Added
- IP-based auto-login system
- Automatic login based on trusted IP addresses
- IP address stored after successful password login
- Configurable through
security.enable-ip-auto-login - Secure storage of trusted IP addresses
- New configuration options
- IP auto-login toggle in security settings
- Auto-login success message customization
- Trusted IP storage section
1.2.0Релиз1.21.2, 1.21.3, 1.21.4 · 21 марта 2025 г.
[1.2.0]
Changed
- Updated Paper API dependency to 1.21.4
- Updated plugin version to reflect Minecraft version support
- Maintained compatibility with all 1.21.x versions
Added
- Password encryption using AES
- Automatic encryption key generation
- Secure password storage
- Encrypted password handling
- Enhanced security features
- Password attempt limiting
- Temporary blocking after failed attempts
- Configurable security settings
- Configurable messages system
- Customizable message prefix
- Color code support
- Placeholders for dynamic content
- New configuration options
- Minimum password length
- Maximum login attempts
- Block duration settings
- Customizable messages
Changed
- Password storage system
- Now uses encrypted format
- Secure key storage
- Better password validation
- Command handling
- Hidden password input in console
- Improved security checks
- Better error handling
- Configuration structure
- Added security settings section
- Added messages section
- More configurable options
Security
- Implemented AES encryption for passwords
- Added brute force protection
- Improved password handling security
- Hidden password logging
1.1.0Релиз1.21.2, 1.21.3, 1.21.4 · 5 января 2025 г.
Changelog
All notable changes to OpLogin will be documented in this file.
[1.1.0]
Added
- Command whitelist system
- New
whitelist.ymlconfiguration file - Ability to specify commands that don't require login
- Default whitelisted commands: help, oplogin, list, ping
- New
- New
/opreloadcommand- Console-only command to reload configuration
- Reloads both passwords and whitelist without server restart
- Case-insensitive command handling
- Improved error messages with color formatting
Changed
- Restructured configuration system
- Split into separate config.yml and whitelist.yml
- Better file handling and error checking
- Enhanced password management
- Case-insensitive player name handling
- Automatic saving on password changes
- Improved command security
- Stricter console-only command enforcement
- Better validation of command inputs
Fixed
- Password persistence issues
- Command handling edge cases
- File creation and loading issues
1.0-SNAPSHOTАльфа1.20.5, 1.20.6, 1.21 · 5 августа 2024 г.
[1.0.0] - Initial Release
Added
- Basic password protection for OP commands
- Console-only password management
- Three main commands:
/opsetpass- Set OP passwords/oplogin- Authenticate as OP/resetop- Reset OP passwords
- Persistent password storage
- Automatic logout on player disconnect
Комментарии
Загружаем…