Suppress display of password to administrator
Suppress display of password to administrator
For the players' privacy and security purposes, it would be good to suppress the display of their chosen password in the PM-Server (right now, it shows it as clear text). Since users have can reset their passwords when necessary, there's really no reason to show it to the administrator. Since many people tend to use the same passwords, it's just an unnecessary security risk.
-
- Site Admin
- Posts: 5880
- Joined: Wed Mar 19, 2008 8:47 pm
Re: Suppress display of password to administrator
In the next major version, no passwords will be saved at all on the server. All security will be performed with one-way hashes.dcx135 wrote:For the players' privacy and security purposes, it would be good to suppress the display of their chosen password
Re: Suppress display of password to administrator
does this mean players cant recover password?Kent wrote ;
In the next major version, no passwords will be saved at all on the server. All security will be performed with one-way hashes.
-
- Site Admin
- Posts: 5880
- Joined: Wed Mar 19, 2008 8:47 pm
Re: Suppress display of password to administrator
Yes, but I'll come up with some kind of password reset feature instead. Instead of emailing the password, the system could email a security code and the player could enter that code along with a new password in the client. Something like that.Ozzy1969 wrote: does this mean players cant recover password?