« previous next »
Pages: [1]   Go Down

*Author

Active members:
serprex(1) Dimpl(2)

Offline DimplTopic starter

  • Newbie
  • *
  • Posts: 16
  • Reputation Power: 1
  • Dimpl is a Spark waiting for a buff.
  • New to Elements
Password security https://elementscommunity.org/forum/index.php?topic=52373.msg1109737#msg1109737
« on: November 16, 2013, 05:39:58 am »
While logged in, I am able to see my password in account info. This means one of two things: it is saved locally when I log in (which means that it saved in kong somewhere) or it is saved by the elements server. I believe this is insecure compared to saving the hashed password and comparing the two on login. Comments?
Logged

Offline serprex

  • Administrator
  • ********
  • Posts: 2240
  • Reputation Power: 0
  • serprex hides under a Cloak.
  • Awards: War #12 Winner - Team Darkness
Re: Password security https://elementscommunity.org/forum/index.php?topic=52373.msg1109738#msg1109738
« Reply #1 on: November 16, 2013, 05:43:17 am »
http://elementscommunity.org/forum/game-suggestions-and-feedback/don%27t-use-plaintext-passwords

When creating an account it says your email will only be used for if you forget your password. I'm unsure how one recovers their password if forgotten, but that could be used to verify one's password is stored in plaintext on the server. That said, you seem to be describing Kong related issues
Logged

Offline DimplTopic starter

  • Newbie
  • *
  • Posts: 16
  • Reputation Power: 1
  • Dimpl is a Spark waiting for a buff.
  • New to Elements
Re: Password security https://elementscommunity.org/forum/index.php?topic=52373.msg1109747#msg1109747
« Reply #2 on: November 16, 2013, 07:35:31 am »
I don't know how it works - it COULD be a kong issue, but I believe the second option is more likely.
Logged
Pages: [1]   Go Up
« previous next »
 

blarg: