MCC Keeps locking my Minecraft Account

[smcclennon]

So I disable my proxy when I use MC or MCC just to make sure that Mojang does not think I'm logging from two locations too quickly, but after switching from real Minecraft to MCC a couple of times within like an hour, my Minecraft account says "Invalid Password" and I need to reset it then wait another half an hour to an hour for that.. It is quite annoying. Any help? http://prntscr.com/drc6rd http://prntscr.com/drc73m My username is Shiraz_2014

Here is my config: http://pastebin.com/PGSsDAZ9

[ghost]

Its a Mojang thing. If you login too fast or many times on the same ip it will blacklist your ip for a set amount of time.

[Pokechu22]

There is a login rate limit, but according to wiki.vg:

This endpoint is severely rate-limited: multiple /authenticate requests for the same account in a short amount of time (think 3 requests in a few seconds), even with the correct password, will eventually lead to an Invalid credentials. response. This error clears up a few seconds later.

The fact that using one is disconnecting from the other is also odd, as while that does happen, it shouldn't happen with session caching (if a launcher token's set)...

[ORelio]

There is already a cache for session tokens, these are retained in memory so that if performing a reconnection eg with AutoRelog the session is re-used. You can change behavior to save session to disk in configuration file with sessioncache=disk in order to store your session for later when mcc gets re-launched and avoid re-performing a login request if the session is still valid. However logging back in Minecraft may invalidate your session in MCC and vice-versa, so that you have to re-enter your credentials and perform a new login request. That's a Mojang-related issue and we cannot really do something about it... :unamused:

[Pokechu22]

However logging back in Minecraft may invalidate your session in MCC and vice-versa, so that you have to re-enter your credentials and perform a new login request. That's a Mojang-related issue and we cannot really do something about it... 😒

Actually it should keep track of it, and equally so it shouldn't always log all other ones out - according to wiki.vg:

The clientToken should be a randomly generated identifier and must be identical for each request. The vanilla launcher generates a random (version 4) UUID on first run and saves it, reusing it for every subsequent request. In case it is omitted the server will generate a random token based on Java's UUID.toString() which should then be stored by the client. This will however also invalidate all previously acquired accessTokens for this user across all clients.

I think that MCC doesn't always re-use the client token when logging in. That might be causing this (since it thinks it's a new launcher each time). I'll look into it.

[ORelio]

Ah, so we also need to generate and use a client token to avoid token invalidations.

[Pokechu22]

Yea. Or more precisely, it seems like MCC is currently generating a new client token each time it logs in (which still results in everything being invalidated). It would be better to have it generate a single token that's used for all accounts. But I'll have to mess around with it first since I haven't worked with authentication much and I might not entirely understand how the client token works.

[smcclennon]

Thanks for all the help.

[smcclennon]

When switching between Minecraft and Minecraft Console Client, I now leave a 5-minute gap and I am not being locked out of my account. Thanks so much for the advice. I will leave the thread open for another week and notify you of any issues. If I do not encounter any within a week I will close the thread.

[ORelio]

After thinking about it, maybe we can try reusing client token and sessions from the Minecraft launcher if Minecraft is installed on the computer running MCC. We would need to grab client token and session tokens from the .minecraft folder, this way nothing would get invalidated and no password would be required.

[ORelio]

Hi, For your information, MCC should now be able to reuse session tokens from your Minecraft folder. Check out the latest development build and feel free to report any issue with it :slightly_smiling_face:

[smcclennon]

Amazing, thanks!