In this guide, we'll show you how to quickly set up a two-factor authentication (2FA) system for your server staff using GamerSafer's GSAuth plugin. This straightforward process takes about 5 minutes and adds an extra layer of security to your Minecraft Server.
Minecraft Servers can encounter many challenges, but you can tackle one major concern right away. By implementing GSAuth for staff 2FA and using the GamerSafer App for Android or iOS, you safeguard your server against unauthorized access and protect your staff's accounts from being compromised.
We'll walk you through the steps to activate staff 2FA on your server, ensuring it's as simple as possible. While GSAuth offers a variety of features, this tutorial will focus solely on the initial setup of staff 2FA. Please note, you should be familiar with installing and configuring a Spigot or Paper server, as those details are not covered here.
# Getting Started
The GSAuth for Minecraft plugin can be installed on individual servers, like with Paper and Spigot, or on server networks running Velocity or Waterfall. The plugin can be used for staff 2FA, or for more full-featured setups to enable player ban appeals, age assurance, or parental consent flows. However, this tutorial will only cover the basic staff 2FA tutorial for individual Paper servers. For more information on the other features in GSAuth, take a look at the plugin wiki.
# Requirements
- An active GSAuth subscription (for $5/month with a Shockbyte plan add-on)
- Minecraft Java Edition Server Software 1.19 or newer
- The GSAuth Plugin for Spigot/Paper (download link)
- GamerSafer API Key and Guild ID (check your email after purchase)
- A permission plugin of some kind installed (LuckPerms, UltraPermissions, etc…)
# Installing GSAuth on your server
- Navigate to the control panel and Stop your server.
- Go to the plugin releases and download the latest version for your server type.
- Open your Files and navigate to the
pluginsfolder. Drag & drop the plugin into the folder. - Start your server once to generate any required config files, and Stop the server once it has fully booted.
- Open your Files and navigate to the newly created
plugins/GSAuthfolder and openkeyinput.txt - Insert your Guild ID and API Key into the file as shown below. You should have received these within 24 hours after signing up for GSAuth. Do not share these with anyone else! Save and close the file.
- Start the server. If you don't see
GSAuth Plugin loadedin the console, check your configuration before continuing.
# Using GSAuth
Now as GSAuth has been installed on your server, it's very easy to configure which LuckPerms groups (such as your staff) should require 2FA.
- Run the
/lp group <group-name> permission set gsauth.verify.requiredcommand replacing the group name with the group you wish to require 2FA. - Reconnect to the server and you will see a book and QR code guiding you through linking your account to the GamerSafer App.
- Scan the QR code from within the GamerSafer App and confirm that you want to join the Minecraft server.
- Once confirmed within the app, press the Emerald Block in-game to continue.
And there you have it. Each time your staff members connect to the server, they'll be required to confirm their identity via the GamerSafer App to receive access to their staff member permissions.
From the config.yml file, you can configure different parts of the GSAuth plugin, including the different restrictions and security that can take place.
You can now celebrate better account security within your staff team, helping to prevent security breaches and improve the reliability for players in your community.
