Extra password for the servers

[<hk>]

Right now, when you register you get a Username and a password to log in on the website.
You use the same password on the servers to log in, too. Some people complain about not being able to choose their own password so we though about creating a new set of passwords that only work on servers.
You log in on the website with you usual randomly generated password. On the servers you use a different password but the same username to log in.

Should we split the password in two?

[AL!EN]

OMG YES THANK YOU

First of all: it can be one pass BUT users MUST have ability to CHANGE IT It was nightmare security paranoia Even banks allows for changing password, not forcing anyone to use some random "jhdsajkfdh9qyf4395vn3043n03rhfdo9vby9obybvy9ovhr39pqvh9dhybvgf98d0agfy8d9" SHIIIITTTTTT, with nobody can remember

But if you already want to do some improvements, two pass are also welcome

[<hk>]

I approve your idea.
First of all: There is no need for a second password. User should just have the ability to change the first one. Even banks allow password changes and don't force random passwords down the users' throat. Nobody can remember those passwords.
Two passwords are fine, too.

You can change your password whenever you like to a new secure password generated by the web server. I can remember random passwords pretty well, after a day or so. If you use it on a daily basis you have no problem remembering even random 20 character passwords. But if you don't, well, that's what a mail archive is for.

The server passwords would of course have some filter to reject passwords like:
"123456" or "aoeu".

[742617000027]

What's wrong with "aoeu"?

[lith]

alien you have no say, you dont even play online, kthx

[Arcaon]

What's the use of random passwords and different passwords for servers and website? It's your own fault if you choose a stupid, easy password.

[AL!EN]

alien you have no say, you dont even play online, kthx

I have account at this site with it means that my opinion has same value as others.

[lith]

alien you have no say, you dont even play online, kthx

I have account at this site with it means that my opinion has same value as others.

you have an account at the site with no times, making it worthless, now stfu, your point is invalid.

[<hk>]

Also, a server admin can read your login command line under certain conditions. If you don't trust lovet, praet or me, then you can use a different password for logging in on the server than on the website. That way no server admin can steal your account.

It's also easy to quickly change your password when you accidentally mistyped and your login data appears in the chat.

passwords are hard to remember

You could always put that login line into a login.cfg and call it with

Code: Select all

exec login.cfg

What's wrong with "aoeu"?

It's "asdf" in dvorak keyboard layout.

[$$-albion]

Maybe you could make it an option for those who wish for it :p

I'd rather have something done about the username and visname. Now, I don't have anything against a visname but I think it should be possible to see the name of the username as well. I guess most ppl(people) used their nickname we know them by. There are just too many ppl(people) changing their visname every other 5 minutes, making it "hard" to keep track who is who.