Personally, I agree with how they monopolize auth plugins such that the only auth plugin is SimpleAuth, and it uses a quite secure method to hash passwords before saving (adding salt, encrypting with whirlpool and SHA-512, combining them). Some say that passwords should be saved in plaintext because that helps owners replace passwords for players. But actually, you can just replace the hash with the correct one. It is easy to get the hash. (There will be a hash page on http://PEMapModder.zapto.org/SimpleAuthHash.PHP soon.) Then some say that when players forget their passwords, owners can get the password and send it to the players. But how can the owner confirm that it is the old player? What if he accidentally leaked the password to someone who is just an impostor? We must not exclude the factor that there exist this kind of stupid owners around (no offense if that's you). Moreover, look at all those popular websites around with the "forgot password" button. They just ask you to set a new password, not send you the old one. One never feels comfortable if he knows another person knows his password. Personally, only my parents know my password. And then, some may say that players should trust the owners, but I highly doubt so. There are new servers every day, and apparently players join them. These new servers may be made by people who are in the Minecraft community for the first time. (If you need proof, go to the MCPE Servers section on minecraftforum.net.) How can players trust an owner whom they are seeing for the first time? If they have to trust him/her to join, these servers will never have players. Even if the players use a new password there, you can't expect players to memorize a new password for each server. They would generally use the same password on most, if not all, servers. Then it is equally important to secure their passwords, whether they are real passwords or not. The community joins servers based on the faith that servers won't read their passwords.
And an important factor in such faith is how SimpleAuth is monopolized (maybe this is a negative word, but I am using it in its good sense): a lot of people know that only SimpleAuth is used by most servers (as you know, writing an auth plugin requires something more than basic programming skills). Then they feel comfortable, since most servers won't get their passwords. What are your opinions?
Also, thanks to @shoghicp for supporting the hash stance and making SimpleAuth like that. The community would have been different without your decision!
I agree with @PEMapModder because then other servers will know my password and can get access to my server and stir crap up. So good job @shoghicp on SimpleAuth, that it's nearly impossible to decrypt the hash.
Players should watch out for servers using a non-official/modified auth plugin; owners might just be looking to steal passwords and log in on servers such as LBSG, LegionPE, etc. Thankfully, most servers use the default version of SimpleAuth.
Some server owners CAN still modify the SimpleAuth hash mechanism by modifying it to show the unhashed version. No one is safe from server owners like this.
There are too many "insufficient" server owners that give op for 25 cents... If owners see players' passwords, it lets them do all sorts of bad stuff. Most players use the same password on each server. Also, then we can have owners threatening to share passwords as well. In conclusion, if you want to see player passwords, you should make your own auth plugin. My auth plugin hashes passwords based off a key and half of their username.
Oh, also, LegionPE saves passwords in hashed form, almost as secure as SimpleAuth. And as far as I have heard, Lifeboat saves hashes in MD5, which is easier to break but still won't get read easily or accidentally.
I think passwords should be encrypted in a way such that a server owner can't decrypt them without brute force. If someone forgot the password, however, there should be a console-only command like /changepassword [user] [newpass] to make a password reset. True story: about 1 year ago, there was a pretty famous Italian server (where I did not play, luckily) that saved users' passwords in a plain text file through a command-log plugin or something similar, without the players' consent. Then the owner of that server and the collaborators used the saved passwords to grief the servers of the players that used to play on his server. That's the reason why I use a different password for every server: owners may not use players' passwords in a correct way (as @PEMapModder said).
If you can easily decrypt your passwords, then you're doing it wrong. Also, making a command to change passwords wouldn't be very safe. If anyone got access to the account of an op, it would be over.
In fact, I said console only. No one should have access to the console except the owner. You don't need to decrypt a password to change it with /changepassword.
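As an added example (not SimpleAuth's code, nor any poster's), here is the storage-versus-reset distinction the thread argues about, in Python: a salted SHA-512 store where a console reset can replace a player's hash but nobody can read the password back. Assumed: a plain dict as the password file, and a single salted SHA-512 pass standing in for the whirlpool+SHA-512 combination described in the first post.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the auth plugin's password file (assumption:
# one (salt, digest) pair per account, kept in memory for the demo).
_store = {}


def _digest(salt: bytes, password: str) -> bytes:
    # Salt goes in first so the same password on two accounts hashes differently.
    # Assumption: SHA-512 alone; the real plugin's extra whirlpool pass is omitted.
    return hashlib.sha512(salt + password.encode("utf-8")).digest()


def register(user: str, password: str) -> None:
    salt = os.urandom(16)
    _store[user] = (salt, _digest(salt, password))


def login(user: str, password: str) -> bool:
    entry = _store.get(user)
    if entry is None:
        return False
    salt, stored = entry
    # Constant-time comparison, so timing does not reveal how much matched.
    return hmac.compare_digest(stored, _digest(salt, password))


def console_reset(user: str, new_password: str) -> bool:
    # The /changepassword flow from the thread: the owner overwrites the stored
    # hash with one for a fresh password. Nothing is decrypted and the old
    # password is never recovered or sent to anyone.
    if user not in _store:
        return False
    salt = os.urandom(16)
    _store[user] = (salt, _digest(salt, new_password))
    return True


def stored_record(user: str) -> str:
    # What an owner reading the file would actually see: hex salt and digest only.
    salt, stored = _store[user]
    return f"{salt.hex()}:{stored.hex()}"
```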