So this suggestion goes a bit beyond Bukkit, but is in part Bukkit, so thought I'd stick it here. I suggest that a client be made that can generate a unique key, but remains an offline client (IE, you can change your name, and join only offline servers), but the big difference being that unique key. And here's for the bukkit part: a plugin that can persistently store those keys and check the keys against the username. That way, even on offline mode, if the server has the bukkit plugin to track those keys, it would allow offline mode users to join without needing the /login plugins. However, this would require a very particular client (assuming at least that the current similar clients don't have such keys or the plugin can't get it, if it's possible to glean such info from the client anyways). The plugin would also need to refuse connections from users who don't present a key to authenticate. Or maybe have a way that if the key doesn't work or doesn't exists, force the user to then /login. I suppose the key could be something like the HWID or an MD5 encryption of a certain set of data, something system-unique. Just thought this up in the past 10 or so minutes, so it's a bit sketchy, but it seems like it might work, the biggest hole at the moment being how the Bukkit plugin would interface with the client to receive the key. Also, it would be interesting if the plugin could detect if the user is using a legitimate account so that it wouldn't need the key or /login for those, but that also seems like a stretch as far as the Bukki API goes, unless there could be a special identifier in the key to indicate the client is already authenticated. Which would imply the said client would likely need an online and offline login option (with name change option ideally). That's about it.