Go Back   EQEmulator Home > EQEmulator Forums > Archives > Archive::General > Archive::News
Reload this Page Server Compromised

Archive::News Archive area for New's posts that were moved here after an inactivity period of 90 days.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #11  
Old 06-24-2004, 04:25 PM
skelter
Fire Beetle
  
Join Date: May 2004
Posts: 1
Default
Well, I hate to add to a flame fest, but that post by Trixy was pretty much wrong on every point as far as i can tell.

Anyway, on to my real reason for posting. The attacker apparently had access to the DB with all the usernames and (apparently) plain text passwords. Its a pretty fundemental security practice that plain text passwords should never be stored (or even transmitted). It should be pretty simple to store sha1/md5 hashes of the passwords and compare those rather than the plain text passwords. Now maybe all the devs are aware of this and there might be a good reason for not doing this that I'm not aware of, so I guess you can consider it a feature request.
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

   

All times are GMT -4. The time now is 07:12 AM.

EQEmulator - Archive - Top

 

Everquest is a registered trademark of Daybreak Game Company LLC.
EQEmulator is not associated or affiliated in any way with Daybreak Game Company LLC.
Except where otherwise noted, this site is licensed under a Creative Commons License.
       
Powered by vBulletin®, Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Template by Bluepearl Design and vBulletin Templates - Ver3.3