[Calgon]

Quote:

Originally Posted by Extremo I disagree. Especially looking at those servers out there who store the e-mail address of the user. Since most people are unaware of any security related issues that come with installing a mysql database for example it is very simplistic to inject their server and retrieve information such as passwords and emails. One out of a hundred users will likely be using the same password of the e-mail. Now with the e-mail itself I can check if that user has registered any kind of service other then sa-mp with that particular email. Now I might find valueable accounts such as Steam which are not a rare occassion in the scene. I believe you underestimate the data that sa-mp servers collect. EDIT: Keep in mind that socialising is also a part of hacking. It is not too hard to find out one's MSN or such and from there on you can find their password through an injection - log on their MSN - scam someone important on their list - oh dear possibilities are endless I believe. EDIT2: tldr: You can never be save enough I believe.

Most servers I've played or scripted for only collect passwords and usernames, and IP addresses, the rest is irrelevant SA-MP information. They may collect emails in another database, i.e. forums, but most forums salt passwords too.

Yes, there are MySQL vulnerabilities, but I think you're vastly exaggerating how significant they are and especially injection - there are cases when people forget to protect against it, but I've only seen maybe 1-3 servers that are vulnerable.

Plus, I think you're forgetting how many people who are actually somewhat security-concious and use a unique password for every server/service they use.