password encryption [solved]
password encryption [solved]
When a user creates a new account to join a server does the password encryption start at client before traveling the internet or does this take place on the server side?
Last edited by TARD on Fri Sep 23, 2016 01:36, edited 1 time in total.
-
ExeterDad
- Member
- Posts: 1717
- Joined: Sun Jun 01, 2014 20:00
- In-game: ExeterDad
- Location: New Hampshire U.S.A
Re: password encryption
Client side. Password is never really sent over the wire. Only hashes unique to the server. In other words, if you use the same password on every server you play, the stored hash on the servers will not be the same, nor can be used by a evil server owner to log in as you on another server.
HOMETOWN -Our little server. Keep the HOMETOWN chatter @ http://hometownserver.com - Our server map: http://media.hometownserver.com
Re: password encryption
Solved, Thank. This what I was worry about because I ask stolen account user's if they use same password on other servers and they say yes.ExeterDad wrote: nor can be used by a evil server owner to log in as you on another server.
Re: password encryption [solved]
For increased security, make sure the send_pre_v25_init option is flipped to false, which is the default in the dev version, but 0.4.14 still defaults to true.
Who is online
Users browsing this forum: No registered users and 5 guests