Separate names with a comma.
Comments in 'Plugin Development' started by wolfdale, Aug 19, 2015.
Is it possible for UniqueId to be spoofed? or changed?
There will be a "secret ID" in 0.12 that cannot be spoofed. But there is no method that can never be changed.
Oh ok, how safe do you think using UniqueId for authentication as compared to ip address? Cause i am considering whether or not to use UniqueId instead of ip address for authentication
Well MCPE is ment to be portable and sometimes when Im outside I like to check how things are going by connecting through a public Wifi network, now if you have IP based authentication I wouldn't be able to login :O
Secret ID is unique per server, so it is safe.
What I read is that unique Id includes ip. So if you are comparing unique Id vs ip then unique id is safer.
For authentication I would consider unique id reasonably safe. For banning purpose it falls a bit short.
Secret ID? You would always be able to edit it.
Yes. That's why for auth is okish. For banning it falls short.
Yes, but secret ID is a hash dependent on the server's IP and the device ID. In that case, nobody knows what the secret ID is on another server unless they know the device ID.