Love Minecraft: Java? You'll have to learn to love your Microsoft account as well – it will be required next year With the inevitability of death and taxes, Microsoft-owned Mojang is to require players have a Microsoft account for all its games, including the Java Edition of Minecraft. The not-at-all-patronising announcement trumpeted "Same Minecraft, new and improved account!" That's assuming you actually wanted a Microsoft account in …
This post has been deleted by its author
They have always had a fairly weak security model, no 2FA, and various account hiijack paths in the past.They could fix this without going to a Microsoft account. An MS account isn't the only way to fix this.
I know I'll get some flak for saying this but moving to Microsoft accounts will be a definite security upgrade,Fixing the problems with their accounts would also result in a security upgrade, this isn't conditional on using MS accounts.
Many different development teams have managed to create secure - or at least more secure - account systems than Mojang's current system. Moving to MS isn't the only solution. It's just the one that nets MS the greatest benefit.
I would love to see you make that case to your management?
"We have a functioning user account system that supports all the required security methods, but lets not use that and spend a bunch of money developing a new one for Minecraft because some people don't like us."
Yeah, that will get a approved! NOT!
What, you mean lie and commit fraud to my management?I would love to see you make that case to your management?
"We have a functioning user account system that supports all the required security methods, but lets not use that and spend a bunch of money developing a new one for Minecraft because some people don't like us."
Yeah, that will get a approved! NOT!
As a subsidiary of and not a business unit of Microsoft, Mojang is not a part of Microsoft. It is a separate commerical entity that has its own CEO and other management, pays taxes separately, is registered as a corporation in itself. Employees of Mojang are employees of Mojang, not Microsoft. As an employee of Mojang, their management is Mojang, not Microsoft. Their payslips say "Mojang" on it, not Microsoft as the source of their wages. It is not part of Microsoft, it is not a Microsoft business unit, therefore Mojang itself doesn't automatically have access to MS resources (e.g. MS account). It is owned by Microsoft. Microsoft's mangement (executive) are not its managment. If Mojang had a security system as you stated they would already be using it.
This decision likely came from Microsoft, top-down, a directive from them to Mojang to use MS accounts primarily for MS's benefit. It's unlikely that as a separate corporate identity that anyone at Mojang (short of its CEO at least who is most likely MS-appointed) would have originated this idea ahead of just fixing their own system.
Yes, MS aquired Mojang, it did not merge with Mojang. MS owns Mojang, but they are still legally separate corporate entities. Mojang is still a company incorporated in Sweden, running under Swedish corporations laws, paying its own taxes under its own name to Swedish authorities.
It is not a 'part of' Microsoft, it is a subsidiary of Microsoft, which means it is not the same corporate entity. By Law it is a separate company, with a separate board of directors, a separate executive management team. (of course, some specific individuals could be wearing 'two hats' and be both on the board of MS and on the board of Mojang, but that is a single person fulfilling two different jobs)
Therefore any employee of Mojang saying "we already have x" if that 'x' is from Microsoft would be legally wrong. They may have access to that through their corporate parent, but they don't 'have' it.
I only have a faint idea of what Minecraft is. Anyway, as long as I can have a local login for my Windows 10 box I'll be just fine.
I know, it might not be for long but the day when Microsoft will take it away, their telemetry servers will receive a last message informing that a bootable installation media for a non-MS OS has been created successfully.
That's not how oauth works
From a claims based authentication point of view, it doesn't matter who the claims provider is as long as you trust there responses to be legit identities, stackexchange, GitHub, Ms, Google, Facebook, twitter they are all just identity sources, don't want a ms account use a different provider, and GH supports many providers.
Personally I'm a fan of anything that lowers barrier to enabling 2FA and taking the storage of creds out of badly written Web apps even if it means having to enter into a faustian deal with one of the identity providers
or for your bank account / gp appointment? Cause strategic partnerships, blahblahblah. Don't tell me I'm nuts, sure I'm nuts, but look back 20 years, would you have thought it faintly possible you HAVE TO be identifiable on the street by your mugshot, give up your fingerprints to travel abroad, etc? Until the world goes to hell regardless, the model that brings most money keep expanding.
All yuor data r belong to MS
Can someone explain to me just how 2FA benefits the user? The kind of user who is able to remember an appropriately strong & unique password for all of his/her/their/its accounts.
To me, it just seems like
a) a license to slurp, for the provider of the 2FA system, and
b) an easy way to get locked out of my own account, if for example I dropped my phone in a river/toilet/boiling pit of lava, as I am sometimes wont to do.
Depending on the system in use there are multiple benefits:
TOTP - prevents keyloggers from being used to compromise accounts
SMS - in addition to the above, also alerts you when your password is pwned
U2F - prevents phishing attacks outright and requires physical theft to compromise
U2F is the strongest option, while SMS is the weakest due to potential SIM swap attacks. All are better than just having a password alone. U2F is your Google Titan type system, TOTP is your Google Authenticator type system and SMS is like Twitter but without pictures.
This post has been deleted by its author
I said "appropriately strong & unique", you idiot. I would never trust something like Microsoft with my strongest password, and certainly not for some shit like MineCraft.
Any password I used there certainly wouldn't be similar to any password that I used for a service I give a shit about.
Now remind me again: Why the fsck would I need 2FA for fucking Minecraft?
What Microsoft, Google, Facebook, Amazon et al want, is single-sign-on across everything, controlled by them. That gives them the most valuable kind of data about millions of cows users across the globe.
@Cyberdemon
Your original comment was an argument against 2FA. My reply to you about that was service neutral and nothing to do with Microsoft or Minecraft or even about you using a separate password for each service. It was focused on the fact that strong and unique passwords are not going to help you in the scenario I described. Which is where 2FA comes in.
If you're going to call someone out as an idiot for not reading your posts, at least read their post properly.
I'm sorry, we're talking about Minecraft. This is not a platform that enables bitcoin mining, or personal detail stealing.
It's a game. A small, block world game.
You're telling me that, all of sudden, I need Fort Knox protection to mine cobblestone ?
Fuck off.
Sure, but they could have improved the security model without requiring an MS account to play the game.
This smells like a combination of slurp fetish, laziness (we'll use MS accounts since they already provide for 2FA etc.) and desperation to lock people into MS products.
You'd be surprised at the amount of effort that goes into hacking game accounts. I don't know about Minecraft, but there are several popular games where in-game assets have a substantial real world monetary value. Stealing those draws far less attention from the law compared to hacking a bank account.
Looks like it.
https://pokemongoaccs.com
https://www.g2g.com/pokemon-go/account-23630-23631?sorting=price%40desc
Hacking game accounts to get items to sell or just selling the accounts has been big bushiness for years which the game companies have be trying to stop for years. Most game companies ban the account if they find it has been sold.
But Minecraft allows you to spend money (via some sort of MineCoins thing) which are brought using real money from the Xbox (aka Microsoft) account - so 2FA - yes please,
And yes please protect my kids online - OK maybe I'm sad, but I turn it on for them on anything I can - they have their own phones, own password managers, etc so it's all just prep for the "real world".
My first thought was, more tedious logins. I only play Minecraft in single player mode. The login is nothing more than a license check. If I were to play online, I'd set up my own server and invite friends to it.
So the question is, which Microsoft account. Outlook.com, Live.com, something else? I supposed ideally it would be something completely new and just replace my moyang login. And not mess with my accounts that I use for MSDN, etc. But I can't say that I'm thrilled about having to grab my cell and open the authenticator app to verify my license when I just to relax and unwind. diggy diggy.
This post has been deleted by its author
Why the f*** must we register an account for every piece of software? So the bastards can spam you or sell you.
Then your account gets made easier to use by auto login (i.e. remember my password - looking at you paypal).
So then we need 2FA to access the account. Most 2FA is a waste of time as they all want is your mobile number. To spam you or sell you.
But it's needed because they killed the first authentication.
Has anybody told micros~1 that the target audience for minecraft are below the age of consent? And therefore they might be spying on kiddies? Or maybe they think that their parents - generation facebook - already accept that this is how computers work.
Not sure if BB or the child snatcher is more appropriate. Not interested in think of the children, so you're up BB
There as already an account for online play. A Mojang account. That made sense. You only needed it to play online, and the account was only relevant to Minecraft so didn't leave all your other MS stuff wide open should the account become compromised. Don't want to play online, don't need an account.
Requiring and MS account to play Minecraft makes no user sense.
More corporate BS to lock users into MS. Not paid your subs on time? We'll cut you off from everything.
Actually, Minecraft launcher requires you to log in for Java. There is an option to skip login, that I never noticed before. But if you skip login, choose Minecraft Java and click play, it takes you right back to the login page. This is before you are given the option to select single vs multiplayer. Maybe there is a way to bypass the launcher and load Minecraft directly. I don't know. But the launcher handles all the game updates too.
OH NO!!!! MS would NEVER think it possible and would NEVER factor it in that 99% of minecraft users are kids, nosir, they simply assume 99% of them are young adults and other sad loosers, and to make sure this not-for-kids game is not played by kids, they even make you click (I'm sure) several confirmations you're above the age. Plus, it's proven minecraft is GOOOD, cause you don't splatter brains of your opponents all over the screen. Well, you can fry a chicken or two, I think, but young adults can surely handle that?!
This post has been deleted by its author
Until you have unreliable internet. Then your computer and becomes an unusable brick because all your software is locked behind online logins and license checks .
If this are so great at preventing software piracy, why is software more expensive now?
It creates an ongoing incentive for pirates to hack software to get around protections that have a big impact on users of the software.
For example I have watched pirated DVDs when I own the legitimate version, just so I am not forced to watch the company logo and copyright message.
Why can't we just have a Minecraft that doesn't actually fucking require any login if not playing online. Like all the old CD games from the 90s.
Or like Factorio, which is in the same genre. You pay for it and then download. Yes, you need to create an account to download it, but that's not tied into anything else And yes, you need to use your Factorio login to download updates. Yes, you can buy it on Steam, but you pay the same price and get the same product (and thus ability to use it without Steam) as if you bought it on the product web site.
It's not hard to sell something directly, for a simple price. I bought Affinity Photo the same way. I wish more companies would do that.
As far as i recall when i first bought this form my kids back in teh Mohang days it required an account to be set up and used when starting the game. Its a basic DRM, Steam, Epic and Uplay all do it as do individual games liek Trackmania and Rockstar seemd to want an account login i seem to remember.
So it is transitioning from a cluncky cobbled together system that probably doesn't scale well and requires an old unsuported OS and backend Database which i s likely to keel at any moment to a nice new one that is teh same as every other MS login and far easier and cheaper to manage.
Really don't see the issue unless you are a microsoft hater, i am sure if it was Google you woudl be more than happy to use your Google account that use on your Google phone that logs your every movement both physically and logically and sends all that data to Google servers. but as long as it is not microsft that is OK.
Nope, I'm a full card-carrying hater. I hate both Microsoft and Google. And I despise Apple so much I will not use their products.
Nah, I'll use Apple products... When it's a uesd MacBook Pro I picked up for $75 at a flea market, and just grab the latest MacOS updates for HighSierra for free. (and the rest of the software on it is FLOSS for the most part).
Are people here that stupid?
1. Create an account with fake credentials.
2. Done.
Seriously, the pointless MS hate on here is toxic.
You are being tracked by Apple / Google Way more, than a single fake account ever will.
Yours
Fred Smith aged 83 living in London W1 1WW
Google is in business to track your every move 24/7. How else can they sling ads at you?
Apple is a bit of a mystery and for the moment, we'll have to believe what they say in that they don't sell your details and I've yet to see them slinging ads at me.
Time for you 'IGotOut' to get out of your bedroom and see what is happening in the real world.
Google, Microsoft, Facebook and many, many more are all trying their dammdest to build a picture of you that makes the scene that Orwell painted in 1984 look like a 3yr old's kindergarden art scribbles.
Back on topic....
FU Redmond.
This is a recent MS trend across all their apps. Just the other day I opened Excel on my Android phone to add up some figures on the go. No can do: not without signing in to an MS account. Until you sign in you can only view files, no editing allowed anymore. Just a few months back that was still possible.
Now they do the same to Minecraft.
Seems like this Microsoft's me-too obsession with slurp is like addiction spiraling out of control.
Then that's sad, but I will NOT create an MS account for something I didn't buy from MS. I really like Minecraft, and have been quite impressed that MS appeared to have done a good job with the updates (I'm generally a tad negative about MS) but there's nothing MS can do to induce me to get an MS account. If that means never playing Minecraft again, so be it.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
