diff --git a/CHANGELOG.md b/CHANGELOG.md
index 246db4f5..d40ffa85 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,7 @@ This is the rolling changelog for TShock for Terraria. Use past tense when addin
 * Fixed torchgod settings to include whether or not torchgod has been fought by the player before and respect `usingBiomeTorches` setting. (@Quinci135)
 * Fixed /worldmode not synchronising data to players after updating the world state (@bartico6, @Arthri)
 * Added `OnSendNetData` hook to TSAPI, which enables developers to intercept traffic being sent from the server to clients. (@Stealownz)
+* Added warnings for conditions where a password is set at runtime but can be bypassed. The thinking is that if a user sets a password when they're booting the server, that's what they expect to be the password. The only thing is that sometimes, other config options can basically defeat this as a security feature. The goal is just to communicate more and make things clearer. The server also warns users when UUID login is enabled, because it can be confusing and insecure. (@hakusaro, @Onusai)
 ## TShock 4.5.3
 * Added permissions for using Teleportation Potions, Magic Conch, and Demon Conch. (@drunderscore)
diff --git a/TShockAPI/TShock.cs b/TShockAPI/TShock.cs
index 89e57ba0..c2bfbc39 100644
--- a/TShockAPI/TShock.cs
+++ b/TShockAPI/TShock.cs
@@ -824,10 +824,45 @@ namespace TShockAPI
 if (!string.IsNullOrEmpty(Netplay.ServerPassword))
 {
 //CLI defined password overrides a config password
+ if (!string.IsNullOrEmpty(Config.Settings.ServerPassword))
+ {
+ Log.ConsoleError("!!! The server password in config.json was overridden by the interactive prompt and will be ignored.");
+ }
+
+ if (!Config.Settings.DisableUUIDLogin)
+ {
+ Log.ConsoleError("!!! UUID login is enabled. If a user's UUID matches an account, the server password will be bypassed.");
+ Log.ConsoleError("!!! > Set DisableUUIDLogin to true in the config file and /reload if this is a problem.");
+ }
+
+ if (!Config.Settings.DisableLoginBeforeJoin)
+ {
+ Log.ConsoleError("!!! Login before join is enabled. Existing accounts can login & the server password will be bypassed.");
+ Log.ConsoleError("!!! > Set DisableLoginBeforeJoin to true in the config file and /reload if this is a problem.");
+ }
+
 _cliPassword = Netplay.ServerPassword;
 Netplay.ServerPassword = "";
 Config.Settings.ServerPassword = _cliPassword;
 }
+ else
+ {
+ if (!string.IsNullOrEmpty(Config.Settings.ServerPassword))
+ {
+ Log.ConsoleInfo("A password for this server was set in config.json and is being used.");
+ }
+ }
+
+ if (!Config.Settings.DisableLoginBeforeJoin)
+ {
+ Log.ConsoleInfo("Login before join enabled. Users may be prompted for an account specific password instead of a server password on connect.");
+ }
+
+ if (!Config.Settings.DisableUUIDLogin)
+ {
+ Log.ConsoleInfo("Login using UUID enabled. Users automatically login via UUID.");
+ Log.ConsoleInfo("A malicious server can easily steal a user's UUID. You may consider turning this option off if you run a public server.");
+ }
 // Disable the auth system if "setup.lock" is present or a user account already exists
 if (File.Exists(Path.Combine(SavePath, "setup.lock")) || (UserAccounts.GetUserAccounts().Count() > 0))
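Review bot: The two "server password will be bypassed" warnings sit only inside the `Netplay.ServerPassword` branch, so an operator whose password comes from config.json (the new `else` branch) is told it "is being used" but never that UUID login or login-before-join can bypass it. The CLI branch ends by copying its value into `Config.Settings.ServerPassword`, so both paths appear to be enforced through the same setting and the bypass presumably applies to either source. Consider moving the `DisableUUIDLogin` and `DisableLoginBeforeJoin` `Log.ConsoleError` blocks below the if/else under a single guard, `if (!string.IsNullOrEmpty(Config.Settings.ServerPassword))`. As written, a CLI password with either option enabled also logs the same setting twice, once as an error and once as info. The enclosing method starts and ends outside this hunk.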