Login troubles

[cacaboy300gamer]

Oh well I fix one thing and then another error pops and its this invalid password thing because I did what the lady said to change my password and now am even in more trouble oh well *sign*

Still love you guys for making this private server

[freshour]

Any idea if there will be a reset anytime soon? or should I just work on a different alt lol

- would there be anyway to streamline some of this info in case this happens in the future. I mean the server still technically thinks there is a password to this account. Unless it is a little more complicated than the server thinks one thing, the forums think another type of deal.

- I think it would be kinda crazy if everyone had this issue and had to be told what the server thinks it is, vs what you made it so you can play til then but I think there may only be a couple people that have this issue.

Would it be possible to just email out what the server actually thinks the passwords are to the few people here who are waiting? Or just see if any staff have some free time to reply to the forums with it? There can't be more than a handful of people, definitely not worth resetting the server if you don't need to.

Just a thought

[magicthighs]

We don't store passwords in plain text format, that's bad security practice. Passwords are stored in a hashed format, and when you log in, the password you entered is also hashed. If the hashes match, you entered the correct password.

In other words, we can't email you your password, because we don't know what it is. And that's a good thing.

[Genisaurus]

Would it be possible to just email out what the server actually thinks the passwords are to the few people here who are waiting? Or just see if any staff have some free time to reply to the forums with it? There can't be more than a handful of people, definitely not worth resetting the server if you don't need to.

Just a thought

Actually, your password is hashed immediately, and once it's hashed in the DB, none of us are capable of retrieving it. I mean, we could perhaps code the functionality to do that, but you wouldn't want us to. I mean, we're not paid. We have ~85k registered accounts. How many of those accounts do you think share the same password as the email account used to register them? Or a bank account? or both? I get sick thinking about it.

If we had a free attitude about dealing with passwords, then you should be very worried. Much better if we don't see them, or touch them, even if it makes solving some problems much harder.

[freshour]

Touche, I agree with alllllll of that