If you’re like me and have run a server before, you know that if one of your admins gets hacked, somehow your account gets hacked or similar, your server is basically screwed and there isn’t much you can do until the damage is done, since they like to do it when you’re not on. That’s not necessarily true, though.
This isn’t your traditional login system
Instead of annoyingly requiring admins to enter a password every time they join, we only check to see if they’re on an IP that seems suspicious to us. Then we require them to log in before they continue. Also, if somehow they get past the login, the plugin won’t let them give anyone else operator or admin permissions without banning them, since they need to still enter a passphrase before managing the server.
- “2factor authentication” for /op and player upranks
- Automatic banning of compromised administration accounts acting suspiciously.
- Monitoring of user IPs to watch for sudden changes in location via geoip and flagging users that have strangely different locations.
- Accounts that refuse to verify with the server will be banned and server administration will be notified.
How is this 2FA?
2FA simply means authentication with two factors involved. In this version of 2FA, we check against the players location via GeoIP and then watch for malicious activity (running bad commands!)
HuskySecurity is rather basic at the moment, but if the location check fails it will ask for your password.
/verify traveltrust- Temporarily trust this location for up to 3 days after it’s stopped being used.
/verify trust- “Permanently” trust this location, adding it to your trusted locations where you won’t be prompted to verify.
/verify revoketrust- Immediately revoke other trusted locations. This action is logged.
Demonstrational video (Up to date!)
Commands & Permissions
/verify- This is for basically everything in this plugin.
/verify < set/password/setpassword >- Updating your password if you don’t like / can’t remember it.
huskysecurity.verifyThis permission is for activating the verification check for a specified user. Use this wisely.
Support my code addiction, my projects and other random stuff I decide to waste money on to keep my sanity!
Questions & Suggestions
Feel free to ask support questions here, or preferably on GitHub Issues if it’s an error. Suggestions are always welcome!