3 weeks ago
1

Security

Category: General / Server CommandsIn-Game Name: TrietbruhThe Pitch:I am submitting this proposal to suggest critical security upgrades that will protect our community from account theft and significantly reduce the staff workload regarding ban appeals. After recently experiencing an account compromise myself, I realized that our current login security can be heavily fortified to prevent hackers from targeting players and stealing valuable assets.Proposed Security Enhancements:Mandatory Two-Factor Authentication (/2fa): We should integrate a security plugin that allows players—especially staff members and top-ranked players—to link their profiles to Google Authenticator or a Discord Bot so that no one can move, execute commands, or access chests without entering a secure, time-sensitive 6-digit code.Automated Premium Auto-Enrollment: The login network should be upgraded to automatically detect if an incoming UUID belongs to an officially verified Mojang or Microsoft account, which would force-enable /premium mode by default and eliminate the risk of a player forgetting to manually type the command.Geographic IP Shift Protection: The server needs a basic automatic flag that temporarily freezes an account if a login attempt occurs from an IP address located thousands of miles away or in a completely different country within a short timeframe of the last active session.The Benefits:Implementing these features will drastically cut down on compromised profiles, protect player progress, and save our administration team countless hours currently spent processing manual self-bans, identity verifications, and password reset tickets. Thank you for reviewing my suggestion and for your continuous dedication to keeping StrongCraft safe for everyone.
Posted in Improvements for GLOBAL, status replied, Upvotes: 2, Downvotes: -1