Offline Mode Authentication

NexAuth provides secure, feature-rich offline mode authentication for servers that don’t use Minecraft’s premium authentication system.

Overview

Offline mode allows players to authenticate using usernames and passwords without requiring premium Minecraft accounts. NexAuth implements industry-standard security practices to protect player accounts.

Configuration

Basic Setup

# The default crypto provider. This is used for hashing passwords. Available Providers:
# BCrypt-2A - Newer, more safe, recommended
# Argon-2ID - Newest, should be safer than BCrypt-2A, however, it can slow down the server
# SHA-256 - Older, not recommended. Kept for compatibility reasons
# SHA-512 - More safer than SHA-256, but still not recommended
default-crypto-provider=BCrypt-2A

# The minimum length of a password. Set to negative to disable.
minimum-password-length=-1

# Kick the player, if the password was incorrect more or equal times. -1 means disabled
max-login-attempts=-1

Player Commands

/register <password> <confirm_password>
/login <password> or /l <password>
/changepassword <old> <new>
/logout
/unregister <password>

Security Features

Bcrypt Hashing - Industry-standard password hashing
Brute Force Protection - Account lockout after failed attempts
Session Management - Secure session handling
IP Logging - Track login IP addresses

Next Steps

TOTP 2FA

Add two-factor authentication for enhanced security.

Premium Authentication TOTP Two-Factor Authentication

⌘I

Documentation Index

​Offline Mode Authentication

​Overview

​Configuration

​Basic Setup

​Player Commands

​Security Features

​Next Steps