It would basically store our own personal set of username/passwords. The password could be an IP, I guess. It would be nice if I could use worldguard’s method of authentication, because then you could put the password in the url, but that would require manually adding each person myself. Instead, what most auth plugins do is they lock you in place or prevent you from otherwise doing anything on the server until you type in your password. I could store your last known IP address and when in offline mode I would check the IP for that account and kick if it doesn’t match. That wouldn’t solve it for everyone, but it would be a simple 90% stopgap that wouldn’t require anything complex. Not sure how easy IP spoofing is, if at all possible.