FlexibleLogin [v0.17] for Sponge 7+ - Auth plugin - 2FA


nope, this bug is fixed


Question: How do the server owners check the password of the poeple that registered?


You shouldn't. You should never see the password of your users. Some users might use the same password for other services like their own email account. This will be a security issue.


So server owners can't see the passwords. How can we give someone their password if they forgot it?
And, thanks for the quick reply


Set the password to a temporarily one using

/flexiblelogin resetpw <password>

Then the user should change it after a successfull login with /changepassword


Is /flexiblelogin resetpw only executable by ops or by anyone?


it can only be executed by ops


Another question: Do we need to op the player we are targeting with the command or how exactly do we do it?


My bad it's

/flexiblelogin resetpw <account> <password>


Hello,I like this plugin very much.I want to share this plugin in MCBBS.Can you agree with me?


Can you please update the plugin?
If someone enter in the server the name is not Case sensitive, if a admin have the name "abcfer" someone that enter with "Abcfer" can have all permissions of "abcfer"


This plugin only checks for permissions. This is something the permissions plugin should handle.


You know how to fix with LuckPerms?


I asked LuckPerms developer.
He said that is problem of cracked servers.
You can add on FlexibleLogin something that add Case Sensitive?


No I won't. I don't see any reasons to do that. The UUID is also case sensitive. Therefore the inventory will differ too and many other things that depend on the uuid.

Moreover this plugin doesn't explicit support cracked servers.


I think adding the possibility to choose who can use TOTP can be a good update :wink:. Because i don't want everyone to use this system


Hi master! Is it possible to change user password by admincmd? i mean i need option like:

/changepass [user] [newpass]

cause i have to do password changing option on webpage, but when im just changing password using sql command, plugin is not synchronized with that.

or sth like

/flexiblelogin netsync

it would synchronise plugin bufor with db.

Is there any of that commands :frowning: ?


I could also just remove the cache. I don't think it's necessary at all.


Is it enough if the player have to rejoin or should it always fetch fresh data.


Are you sure? Im using mysql, and needed password is not refreshed after rejoin when i would change it in db