AuthMe Reloaded

AuthMe Reloaded

3M Downloads

Old passwords from LoginSecurity don't work after being imported to AuthMeReloaded.

Rismack opened this issue ยท 2 comments

commented

What behaviour is observed?

Hello! After importing my LoginSecurity database with around 280 accounts into Authmereloaded using the "/authme converter loginsecurity" command, when players try to log in using their old loginsecurity password, authme tells that it's not correct.

The database seems to be imported correctly because authme doesn't ask players to register if they already registered with loginsecurity, so the problem seems to be with the passwords.

I've tried this myself in a clean test server with no other plugins and the same happens.

There are no console errors during the import process or when a player tries to log in.

Expected behaviour

  1. A player registers on the server with loginsecurity setting his password as 123456.
  2. Loginsecurity jar file gets removed but not the plugin's folder.
  3. AuthMeReloaded gets installed.
  4. The loginSecurity's database is imported to authmereloaded using the "/authme converter loginsecurity" command.
  5. A previously registered player with loginsecurity joins the server back and authme reloaded knows it's already registered, so it asks for the password.
  6. The player inserts his old password (123456) and joins the server.

To Reproduce

  1. Register a new user with loginsecurity and set the password to 123456.
  2. Remove loginsecurity and install authmereloaded.
  3. Use the converter command to import loginsecurity's database.
  4. Log in with the previously registered user and insert the password (123456).
  5. Authmereloaded says that the password is incorrect.

Plugin list

AuthMe

Server Implementation

Standalone server (no proxy)

Database Implementation

SQLite

AuthMe Version

AuthMeReloaded v5.6.0-beta2 (build: 2453)

Error log (if applicable)

No response

Configuration

https://paste.gg/p/anonymous/a27ca09e9c654c11a9be893a782f42af

commented

After migrating from LoginSecurity using the integrated converter.
You have to add BCRYPT as a legacy hash in the AuthMe config.
Like this:
legacyHashes: ['BCRYPT']

commented

Oh, okay, thank you so much. I just tried it and it worked.

Does that information appears somewhere in the wiki? If it does, I missed it (sorry). If it doesn't it'll be nice to have it in the "converters" section.

Thank you!