The login process for online mode servers & clients:C→S: Handshake with Next

1. The login process for online mode servers & clients:
2.  
3. C→S: Handshake with Next State set to 2 (login)
4. C→S: Login Start
5. S→C: Encryption Request
6. Client auth
7. C→S: Encryption Response
8. Server auth, both enable encryption
9. S→C: Set Compression (optional)
10. S→C: Login Success
11.  
12. The login process for offline servers & any client:
13.  
14. C→S: Handshake with Next State set to 2 (login)
15. C→S: Login Start
16. S→C: Login Success
17. (Skipping the whole auth)
18.  
19. Notice how Encryption request is not sent to the client. An online mode and offline mode client will both act the same way here, and simply assume authentication isn't required (which it isn't). No auth packets are sent from online mode clients.
20.  
21. So what you need to do is listen for the Client > Server Login start packet, and insert your own Encryption Request packet, then give the client a second or so to send packet an Encryption Response packet. The difficulty is getting the data for the Encryption Request packet.