These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE General Discussion

 
  • Topic is locked indefinitely.
Previous page12
 

How does it know?

First post
Author
Previous Topic Next Topic
Ima Wreckyou
The Conference Elite
The Conference
#21 - 2015-08-04 16:42:32 UTC
Herzog Wolfhammer
Sigma Special Tactics Group
#22 - 2015-08-04 23:15:46 UTC
Archibald Thistlewaite III wrote:
CCP has installed cameras in all of our homes Mom's basements and they watch us type the password in.




I hope that's wrong. Or I'm gonna get blackmailed for getting drunk and doing that Buffalo Bill dance.

Bring back DEEEEP Space!
Freya Sertan
Doomheim
#23 - 2015-08-04 23:36:28 UTC
Blind Melon Chitlin wrote:
Arline Kley wrote:
Depending on the method that CCP is using, it would send your password towards the authentication server, which would then request the server holding the password to send the value that it holds back. If those values match, it lets you in. If there is anything different about them, the authentication server declines your request to log on stating that they do not match.

The values are (should be) stored in a format that is readable by the machine, but not to a human (other than appearing as random letters and numbers). This would also extend that your local machine would not save a copy of your password locally unless you have written it down somewhere on your machine.

The server being offline would prevent the system allowing you to connect anyway - the server will not respond in a certain amount of time and the connection will not be established. Any password that has been sent to the authentication server should be automagically be deleted (although will still appear filled in on the password box)


I know what "best practices" are, (it is my professional business) which is why I am asking the question.

As a user concerned with security, it would be nice to know.

As for the Game Server "letting me in or not", that is irrelevant. There are many "servers" in their "farm", it seems, such as one that hosts the forums, etc.

Authentication is obviously removed from the Game Server proper, but where does it actually reside?



Yeah, lets give a random NPC alt physical info to the auth server. That'll work.

New Eden isn't nice. It isn't friendly. It isn't very hospitiable. Good thing there are people here to shoot in the face.

Want to make New Eden a nice place? Try this out.
Previous page12