# How to Password-Protect Your Schedule 1 Server (/docs/schedule-1/server-password)



import { Callout } from 'fumadocs-ui/components/callout';
import { Step, Steps } from 'fumadocs-ui/components/steps';

A password is the simplest way to keep your Schedule 1 server private without manually managing allowlists. Players need to enter the password in the DedicatedServerMod client launcher to connect.

Set the password [#set-the-password]

<Steps>
  <Step>
    **Stop the server** from your XGamingServer panel.
  </Step>

  <Step>
    **Open the file manager** and edit the DedicatedServerMod config file. See [Server Config Reference](/docs/schedule-1/server-config) for the file location.
  </Step>

  <Step>
    **Set the `password` field:**

    ```json
    {
      "password": "YourPasswordHere"
    }
    ```

    Leave it as `""` (empty string) to disable password protection.
  </Step>

  <Step>
    **Save the file and start the server.**
  </Step>

  <Step>
    **Share the password** with players. They enter it in the DedicatedServerMod client launcher when connecting by IP.
  </Step>
</Steps>

Password best practices [#password-best-practices]

* **Don't reuse passwords** from anywhere else (your email, Steam, etc.).
* **Avoid spaces** — some client launcher versions handle them oddly. Stick to ASCII letters, digits, `-_+!#`.
* **Rotate after kicks.** If you ban someone, change the password — bans alone don't stop them from re-joining if they have the password.
* **Don't share publicly.** Anyone with the password is a player on your server; treat it like a credential.

<Callout type="warn">
  If you accidentally leak the password (posted to Discord, screenshotted with the file visible), change it from the panel immediately and force a server restart to drop existing connections.
</Callout>

Allowlist instead [#allowlist-instead]

If you want stricter control than a shared password, use the operator/admin system to whitelist Steam IDs and reject everyone else. The exact flag varies by DedicatedServerMod version — check [docs.s1servers.com](https://docs.s1servers.com/) for the current allowlist setting.

Removing the password [#removing-the-password]

Set `"password": ""` and restart. Anyone who can resolve your server's IP:port can join. Combine with an allowlist if you still want to limit who connects.

Related Guides [#related-guides]

* [Server Config Reference →](/docs/schedule-1/server-config)
* [Operators, Admins & RCON →](/docs/schedule-1/operators-admins)
* [Rename Your Server →](/docs/schedule-1/rename-server)
* [Join Server →](/docs/schedule-1/join-server)