Affects Version/s: 1.16.3
Fix Version/s: None
This does NOT affect release 1.16.3 - it affects all versions pre-release 1.0
I'm unable to open a bug report for any version other than 1.16.3 or 1.17 for some reason.
All versions pre-release 1.0 are unable to login to servers properly forcing all server owners to run the servers in offline-mode. Server owners are able to fix this issue by updating the JAR files with the proper authentication URL, but that fixes only half the problem since client jars must also be updated.
Auth URLs in the client JAR files should be updated to:
The above would fix the client-side issue and validate that a user has joined the server. Server JARs can be edited by server owners or a local DNS + proxy system can be setup instead to fix the server-side issue, but a fix would require either forwarding or editing the URLs from
This would allow for proper session-checking and prevent server owners from running in offline mode which allows cracked players to join without any form of authentication. There exists a rather large community of servers and players still on many older beta versions, most commonly Beta 1.7.3, which suffer from this issue. Instead, they're forced to use a 3rd party in-game authentication and handle credentials which is a security issue not to mention pirated (cracked) players could still join anyways.