Re: [ADMIN] password retrieval

From: George (greerga@CIRCLEMUD.ORG)
Date: 09/08/98


On Tue, 8 Sep 1998, Chuck wrote:

>B) A good way to use this is that people often have more than one
>character.  I log and keep in a file the last 5 passwords a character has
>used.  This makes validating players who have honestly lost passwords
>easier.  For instance, you can ask them some things they have used before,
>you can check their other character's pwords against this char's and see if
>any match, this usually tells you it's the same guy.

Of course, you could just ask for the password they used, encrypt that,
then check the previously encrypted passwords...  Only downside would be
you couldn't catch one character mistakes but they might also have just
watched the real person type it on the keyboard.  I'd err on the side of
safety here and ensure perfect matches.

>Now, think before you say that there are no GOOD uses for this.

I'm still waiting to hear one. I'm not saying there isn't one, I just
haven't heard it yet.

(i.e.: Search for duplicate passwords on multiple characters you say?
Encrypt doesn't matter here either.)

--
George Greer, greerga@circlemud.org | Genius may have its limitations, but
http://mouse.van.ml.org/ (not done) | stupidity is not thus handicapped.
http://www.van.ml.org/CircleMUD/    |                  -- Elbert Hubbard


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
     +------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 12/15/00 PST