Password Protection

[Kuk!]

I will be good if there will be some pass protection because if somebody want to play from icafe it is very risky. Everybody can start a game and log in with last character. I think it isn\'t so hard to implement.

[Fanomatic2000]

Umm...there IS password-protection. You\'re going to need a password to access you character, so...

BTW. Mature name by the way \"kuk!\"

[Baxter]

I think he means protection from other people looking at it when you enter it.  As of now, it shows your password in plain text at the login screen.  Most of us would greatly appreciate lots of *******s instead.  I\'m sure the devs are already on it though!

[Vengeance]

We don\'t want to do this right now because we don\'t want to give people the impression that their passwords are secure when in fact the passwords are stored in planeshift.cfg in plain sight of everyone.

- Venge

[chrischoo]

Just another point Venge we\'ve noticed that the passwords are also stored in clear inside the database itself, so anybody with a reasonable amount of access to the server can do something nasty. For our side when we store passwords in the database we use something like md5 to hash it so that access to the database would not necessarily compromise passwords. I think it could be important because many people, well, including myself, use the same password for many different things.

[Vengeance]

As I said before, there is almost zero security built into PS atm because there is nothing to protect in the game.

I would recommend against using your \"standard\" passwords.

The md5 hash is a decent idea but in general we\'ve been assuming that the servers are secure and the server administrators are trusted.

- Venge