I wonder why there is such a big hoo haa regarding the issue, but knowing that this mailing list reaches out to many, and many has a piece of their mind about it..;-). Anyway, passwords, in what level of security, should be encrypted, regardless of what sort of algorithm you used. However, pfiles should perhaps be stored as plaintext to allow you to edit them easily by using any text editor. As far as mud account is concern, it belongs to the implementors of that mud and he/she shoudl keep the account's password secure. If any pfiles are corrupted due to the meddling of the implementor, then it's the implementors' responsibility. Anyone else other then the implementors should not have access to the code, pfiles and anything else within the mud account. Thinking twice, keeping passwords of pfiles as plaintext is not really much of a security risk. However, it does leave a bad taste in the mouths of the players. At least, they would like to think that even the implementors cannot play their character coz they don't have their passwords. True? or not. I leave it for you to decide. ;) As far as crypt is concern, it isn't hard to devise a decrypt algorithm. Many would like to think it's safe, but it's not. In mud however, it serves no point to decrypt the passwords at all (if u are the implementor, that is), unless you wish to takeover the char and discredit it...(flame me...hahaha) Just my 2› worth and a new addition to the 20 odd mails i receive regarding this issue. God, let it end here....(hee) Nitro "1, 2, 3, .... all the mails, and why don't i doze off ?????"
This archive was generated by hypermail 2b30 : 12/07/00 PST