Author Topic: Why Passwords MUST Be Encrypted  (Read 2807 times)


Offline stormeus

  • VC:MP Developer
  • VC:MP Veteran
  • *
  • Posts: 1122
Why Passwords MUST Be Encrypted
« on: June 12, 2011, 02:43:42 am »
Recently, I've been seeing a lot of scripts here where the passwords are unencrypted, or where scripters and server owners would rather be able to see their players' passwords. This is dangerous, and for many reasons.

Don't register an account on servers you don't know well (Thanks, NC). If the admins do happen to be abusive or bad scripters, you could end up being hacked or impersonated.

  • Commands to view passwords can be exploited.
If something like /c getpassword is scripted improperly, this could lead to users being able to see anyone's passwords, regardless of whether or not they're an admin. If an admin system isn't scripted properly, they can use /c getpassword. If someone has physical access to an admin's computer, they can use /c getpassword.

In any of these scenarios, you open yourself up to a situation where people who aren't admins, or even malicious admins, can see anyone's and everyone's passwords -- including yours. A lot of VC:MP players use the same password on servers they play on, which opens your players up to being hacked because of your script.

  • It reduces the credibility of you and your scripts
If players find out that admins are able to see their passwords, or that their passwords are stored plaintext, they might want their accounts deleted from the server, or have their passwords changed (which will lead us to my next point). It also lowers your credibility, because the more technologically literate users will know that they could be hacked because of the scripts you used.

  • A command to change passwords would be a better replacement.
Have you ever seen a forum where when you want to reset your password, they RESET your password instead of emailing it to you? Try it out on this forum; it never tells you the password you used, it just lets you change it after some confirmation.

Likewise, on a VC:MP server, it's much more practical (and secure) to use a command to change passwords instead of viewing them, because, like in point one, being able to view people's passwords could lead to people hacking your server or other users, and would also lead to (point #2) your reputation as a scripter being reduced.
« Last Edit: June 12, 2011, 12:28:16 pm by stormeus »
Do not PM me for support.




Offline Aldo

  • Wiseguy
  • **
  • Posts: 52
Re: Why Passwords MUST Be Encrypted
« Reply #1 on: June 12, 2011, 03:36:15 am »
Good Post :P

With the change password command, you should enter your current password followed by the new one, for added security for scripts with the auto-login feature.

Offline [AoD]NC

  • VC:MP Beta Tester
  • VC:MP Veteran
  • *
  • Posts: 616
  • AoD forever!
Re: Why Passwords MUST Be Encrypted
« Reply #2 on: June 12, 2011, 12:01:37 pm »
stormeus, I would say that this should be the first point on your list:

Don't register an account on servers you don't know well (you don't know their admins/owners either).

Years ago, when there was only GUS mIRC for public use, no one really cared about the problem. If the admin "plays fair", he wouldn't even look into the password file. I could look into one too, but why? I see no point in doing it.

Quote
A command to change passwords would be a better replacement.
I had one on my old server. However, you first had to log in correctly, then change it :). If a player really didn't know his password, he told me a temporary one to set (like "asd"), then he could log in and change it :>.

Offline Charleyutton

  • Street Thug
  • *
  • Posts: 46
Re: Why Passwords MUST Be Encrypted
« Reply #3 on: June 12, 2011, 02:19:40 pm »
In XE we have a command "givepassability". This is used once a user has been 100% verified to be who they say they are, by IP checks and otherwise. It gives the player the capability to change their password using /c changepass, but the ability is lost when he quits. This way admins have no direct contact with anyone's passwords.
Charleyutton, VU clan leader, XE Management/Scripter, SvM Server Owner, VCHA admin http://vu.vrocker-hosting.co.uk http://svm.vrocker-hosting.co.uk

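The three mechanisms argued for in this thread, shown together in one added Python example: storing a salted one-way hash so that a /c getpassword command has nothing to reveal (stormeus's point; the post says "encrypted", but what a server actually needs is a hash, because it never has to recover the password), a /c changepass that demands the current password before accepting a new one (Aldo's and NC's point), and an admin-granted, one-shot change right in the style of XE's givepassability that is consumed on use and dropped when the player quits (Charleyutton's point). This is illustrative code written for this page, not a VC:MP script and not XE's code; the class and method names, the PBKDF2 work factor and the sample account names are assumptions.

```python
"""Toy VC:MP-style account store: salted password hashing plus the two
change-password flows discussed in the thread.  Illustrative example
written for this page, not a real VC:MP or XE script; the names and
parameters are assumptions."""
import hashlib
import hmac
import os

# Work factor for PBKDF2-HMAC-SHA256.  600,000 is OWASP's current figure;
# a real server should prefer Argon2id or scrypt.  Lower it only in tests.
DEFAULT_ITERATIONS = 600_000
SALT_BYTES = 16


class AccountStore:
    def __init__(self, admins=(), iterations=DEFAULT_ITERATIONS):
        self._records = {}            # name -> {"salt": bytes, "hash": bytes}
        self._admins = set(admins)
        self._logged_in = set()
        self._change_grants = set()   # players holding a one-shot change right
        self._iterations = iterations

    def _derive(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                   salt, self._iterations)

    def _set(self, name, new_password):
        salt = os.urandom(SALT_BYTES)  # fresh salt on every set/change
        self._records[name] = {"salt": salt, "hash": self._derive(new_password, salt)}

    # /c register <password>
    def register(self, name, password):
        if name in self._records:
            return False
        self._set(name, password)
        return True

    def _verify(self, name, password):
        rec = self._records.get(name)
        if rec is None:
            # Burn a derivation anyway so response time does not reveal
            # whether the account exists.
            self._derive(password, b"\x00" * SALT_BYTES)
            return False
        return hmac.compare_digest(rec["hash"], self._derive(password, rec["salt"]))

    # /c login <password>
    def login(self, name, password):
        if not self._verify(name, password):
            return False
        self._logged_in.add(name)
        return True

    # Player disconnects: session and any unused change grant are dropped.
    def quit(self, name):
        self._logged_in.discard(name)
        self._change_grants.discard(name)

    # /c getpassword <player>: with hashed storage, even a legitimate admin
    # (or whoever is sitting at the admin's keyboard) gets only a salt and a
    # one-way hash.  Nothing returned here can be typed in as a password.
    def get_password(self, admin, name):
        if admin not in self._admins or name not in self._records:
            return None
        rec = self._records[name]
        return {"salt": rec["salt"].hex(), "hash": rec["hash"].hex()}

    # /c changepass <current> <new>: must be logged in AND prove the current
    # password, so a hijacked auto-login session cannot lock the owner out.
    def change_password(self, name, current, new):
        if name not in self._logged_in or not self._verify(name, current):
            return False
        self._set(name, new)
        return True

    # /c givepassability <player>: after verifying the player out of band,
    # an admin grants a single change; the admin never sees or sets a password.
    def give_pass_ability(self, admin, name):
        if admin not in self._admins or name not in self._records:
            return False
        self._change_grants.add(name)
        return True

    # /c changepass <new> under a grant: the grant is consumed on use.
    def change_password_with_grant(self, name, new):
        if name not in self._change_grants:
            return False
        self._change_grants.discard(name)
        self._set(name, new)
        return True


if __name__ == "__main__":
    store = AccountStore(admins={"stormeus"})       # sample names, constructed
    store.register("player1", "hunter2")
    print(store.get_password("stormeus", "player1"))  # a salt and a hash, no password
    print(store.login("player1", "hunter2"))
```

Two design points worth noticing: every successful change re-salts and re-derives, so the record never reuses a salt, and the grant path never takes a password from the admin at all, which is the property Charleyutton's post is after. If the store were read straight off the disk, the attacker would still have to run the work factor per guess per account.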

Bass

  • Guest
Re: Why Passwords MUST Be Encrypted
« Reply #4 on: June 12, 2011, 08:04:15 pm »
Just register with another password.