Turns out there is an exploit in the Mojang authentication system that allows a hacker to use your username on ANY MINECRAFT SERVER, EVEN ONES IN ONLINE MODE. This hole stems from a flaw in the migrated account system. Migrated accounts will require an email address to log into Minecraft and if you have not done this, you are safe.

Standard authentication via Mojang’s servers is disabled until further notice. Secondary login via the /login command is the only way to log in. If you do not have a password, contact the administrator at ngminecraft [at] gmail [dot] com.

To see the documentation on this vulnerability, click here.


  • Log in. You will spawn in a bedrock jail.
  • Use /login <your username> <your password>
  • If it worked, you’ll see “Info: Access granted – offline authentication successful”
  • Otherwise, contact the admin.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s