2FA

From BadWolfMC Wiki
Revision as of 21:54, 11 July 2019 by Merc (talk | contribs) (→‎What is 2FA?)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

BadWolfMC offers optional Two Factor Authentication (2FA) support for our members to secure their BadWolfMC Network accounts against malicious users. Please note that this does not secure your Minecraft account overall -- Mojang does not currently support 2FA, but it does secure your account while you're on our servers and adds a significant layer of security to prevent a "hacker" or other unwanted kiddos from logging in as you on BadWolfMC.

What is 2FA?

Two Factor Authentication (2FA) is an additional security measure for already trusted members that confirms that you own the account that you're logging into our servers with. Traditional 2FA challenges, for example on your Google account, are usually presented after you enter your password and usually takes the form of a short code retrieved from a secondary device (e.g. your cell phone). These codes can be texted to you (much less secure) or generated from a standalone application on your smart phone such as Google Authenticator, Authy, Microsoft Authenticator, and Duo Mobile. BadWolfMC's 2FA requires the app method. After successfully setting up 2FA on your account, upon logging into the server you will be presented with the authentication challenge, and you must enter the code from your device using /2FA [code] in order to play or interact. You should only need to enter the authentication code once every six hours when joining the server from the same IP address.

Setting up 2FA

Example 2FA Map

Setting up 2FA is quite simple, especially if you're already familiar with using 2FA. These instructions will target the Google Authenticator, but setup should be similar for all of them.

  • An authentication app from the list above is required before you can set up 2FA on your BadWolfMC account. Please download that to your smartphone before you begin.
  • Log onto the BadWolfMC Network. These methods will work from any server.
  • Open the authentication app and, on the Google Authenticator, tap the plus (+) sign to add a new account. This will give you the option to scan a QR code or use manual entry. Scanning the QR is easiest, but both methods will work.
  • Empty a slot on your hotbar and select it, then run the /2FA command. This will provide you with a map with a QR code and secret key.
  • Hold the map in your hand so that the contents are clearly visible on your screen. If you chose the QR entry method, scan the QR with your phone, or if you chose the manual entry method, enter the "Secret Key" from the map into the text field in the app. This will add the account to your app and you should now be able to see a 6 digit code associated with the entry.
  • Confirm 2FA setup by running the command in game /2FA [code] where [code] is replaced by the current code displayed in your app without brackets or spaces. For example, /2FA 123456.
  • You're all set up! Remember that you will now need to use the /2FA [code] every time you log onto the network, but you can rest easy knowing that you won't be ridiculed endlessly (or potentially banned -- it's happened more than once!) if your Minecraft account is hijacked.

Removing 2FA

Sick of typing the code every time? Don't care if your account is hijacked? Use /2FA remove to remove the 2FA requirement from your account. Since your current session is already authenticated this command will immediately remove the requirement from your account.

Lost your phone and can't log in? Just message an admin on the forum or Discord to remove 2FA on your account so you can get back in.