Go Back   EQEmulator Home > EQEmulator Forums > Development > Development::Feature Requests

Development::Feature Requests Post suggestions/feature requests here.

Reply
 
Thread Tools Display Modes
  #1  
Old 11-09-2010, 06:35 PM
Wr3c0niz3
Fire Beetle
 
Join Date: Feb 2010
Posts: 3
Default I would love a password recovery option for LS logins.

It doesn't have to be fancy. Just something that recovers your Account password for your log in so you can play those characters that you worked so hard on. Would be awesome if something like this was implemented, Thanks.
Reply With Quote
  #2  
Old 11-11-2010, 12:45 AM
GreatDondeen
Fire Beetle
 
Join Date: Oct 2010
Posts: 1
Default

Oh, that is a nice idea! I have lost track of 2 passwords now. I have to keep coming up with new char names! =P
Reply With Quote
  #3  
Old 05-03-2011, 06:48 PM
keithHen
Fire Beetle
 
Join Date: Jul 2010
Posts: 5
Default

Please, please account recovery!! I've worked so hard only to lock myself out! This should be so important withthe thousands who play..
Reply With Quote
  #4  
Old 05-03-2011, 07:01 PM
KLS
Administrator
 
Join Date: Sep 2006
Posts: 1,348
Default

Rogean may or may not be working on this.
Reply With Quote
  #5  
Old 05-03-2011, 09:52 PM
Rogean's Avatar
Rogean
Administrator
 
Join Date: Jul 2003
Location: Massachusetts
Posts: 708
Default

Allowing a way to reset loginserver passwords would cause huge amounts of problems for the accounts that currently exist. We have yet to come up with an easy way to confirm the legitimate owner of an account.
__________________
EQEmulator Developer / Administrator
Reply With Quote
  #6  
Old 05-04-2011, 05:20 AM
trevius's Avatar
trevius
Developer
 
Join Date: Aug 2006
Location: USA
Posts: 5,946
Default

It wouldn't help people who have old accounts with lost passwords, but I think it would be possible to make a secure enough way for accounts going forward.

I think we could just have the original email address get copied into a new table field upon registration that would be used only in relation to Login Server accounts. Then, allow people to log in with their forum account and then again with one of their LS accounts on that forum account to change that email address at any time. Since it requires the LS info to be able to change the email address, only people who have access to their forum and LS account could change it. Then just allow them to send a password reset email to the email address tied directly to their LS accounts. It would be a single email address tied to all LS accounts on the same forum account, but they can chose which LS account they want to have the password reset on. Then, as long as they still have access to that LS email account, they can complete the process.

That should resolve password issues going forward, but again it doesn't really fix any existing accounts. It would probably only be able to apply to newly registered forum accounts, or maybe only forum accounts past a certain date. I don't know of any secure way to make a system that is backwards compatible due to the security breaches of the database in the past, but that doesn't mean we can't resolve this issue for the years to come.
__________________
Trevazar/Trevius Owner of: Storm Haven
Everquest Emulator FAQ (Frequently Asked Questions) - Read It!
Reply With Quote
  #7  
Old 05-09-2011, 12:38 PM
dannym3141
Fire Beetle
 
Join Date: Feb 2010
Posts: 9
Default

I like the sound of trev's idea.

I don't really even understand how adding a password recovery system based around a person's email address would compromise accounts in any way.

People currently have their own accounts, and if someone breaks into their account, they're screwed - they can change the password, and the person loses access to the account and cannot redeem the password.

If the password recovery system is based around someone's email, that's THEIR personal security and responsibility, all it would do is email a password reset, then email a new password if it was reset. If you wanted to change your email, you do that via email too. The only time that's problematic is if your email provider closes your account before you have time to change your email.

Granted, i don't know how security was breached or what they did or gained, but for the life of me i can't understand why a recovery system which works for just about every other mmo in the world wouldn't work here where theoretically even less is at stake.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

   

All times are GMT -4. The time now is 09:14 PM.


 

Everquest is a registered trademark of Daybreak Game Company LLC.
EQEmulator is not associated or affiliated in any way with Daybreak Game Company LLC.
Except where otherwise noted, this site is licensed under a Creative Commons License.
       
Powered by vBulletin®, Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Template by Bluepearl Design and vBulletin Templates - Ver3.3