Separate names with a comma.
Prevents people to impersonate an account, requiring registration and login when connecting.
Thanks man I'll get to it.
help my server crash every time I log in please help
oh can anyone help my server crashes when ombody logins
why is that it so easy to steal a account/name.
I have a real problem with people steal account/name from admins and destroy the world.
How do the steal a account/name?? is it something i can do about it.
I use the newest update for the plugin.
I have not found any holes in Simpleauth security wise that are not caused by operator error.
First off, I give out VERY few admin positions on the server. I know there are servers that give away OP and Admin for dontations and other reasons. In the end they get what they deserve. Keep your staff close to you and supervise them closely.
Also the most common failure is someone will forget the " / " in front of the " /login " command and broadcast their password to the entire server.
We all make mistakes, I even did it once. You need to drive home to them that if they make a mistake like this not to be worried about you being angry with them but to just let you know instantly.
if the player isnt logged in yet, he cant broadcast any messages.
You would think so however this has taken place in my servers on a number of occasions. I've sat there and watch it happen.
I don't claim to be any kind of a programmer so I don't pretend to have an answer how but it does happen.
thats weird ... probably they put the command twice. probably lag issues. shit happens :-/
This had occured to me also as I have had console messages appear twice after hitting enter in quick succession however, when I have seen this error happen the login always appears without the " / " like " login <password> " which tell me that it is being entered incorrectly.
If you do /login <password> in server once logged in nothing is copied via console as far as I am aware (I'm open to being corrected) so it suggests to me me they are entering it without the " / " to begin with.
*shrug* honestly as I said above, I really don't know why it happens other than to say in my eyes the primary reason for giving your password away is most likely operator error.
is there anyway for the console or ops to help player recover their password if they forgot it
You may be able to read it direct from the users personal file withint the folder I haven't checked, but for my purposes it's just simpler to do a
/simpleauth unregister <playername>
and get them to re register. I normally will not do this until a. The player requests it and b. I am onhand to confirm it is the correct player by ip match to avoid account stealing.
k thanks i'll test that and when its in the folder it is encrypted so i can't completely read it
the command works so what is the encrypting system used so they don't get kicked from the server when i unregister them
I have no idea of the encryption used however you can unregister them while they are at the login prompt without them being kicked and it changes to the registration prompt automatically.
Is it against the rules if I make a plugin for logging in by tapping signs?
Can I know player's passwords?
i cant find out how to accualy log into the servers
i think not. look at permission plus, xti rmgr, numeric ranks. they serve as the same purposes.
if you have something in your bank, why wont you withdraw it and give it to the needy
Official plugins are protected in unique in specific. Read the plugin submission guidelines.
This is a silly question but I'm running a service that allows people to forward their servers IP's through my network to give them something more memorable besides numbers. (Example theirname.mydomain.com). Anyhow, I wish to edit the config of SimpleAuth to allow anybody with the special version of the plugin to have their login info synced across all the servers that use my service. Are you okay with me doing this? The plugin is already pretty stable and I'd much rather build off of it instead of make a whole new one from scratch.
This would all be possible (I think) because I'll be dedicating a database or two to the login service.