The authenticator verifies that all information checks out, and returns the assigned value if it does. So, say someone managed to get around that, and are now on the wrappers screen. They can't do anything:
- The server API is programmed to automatically reject any account that has been disabled, or is not authenticated. Regardless of it's function.
That goes for any data. So, when the wrapper asks the server for information, the server will refuse to answer. If the mod tries to send information, the server will ignore it. Unless that person somehow managed to edit the files on the server, they won't be able to get in.