Encoding players passwords.
#1

I know i have made numerous post's but i have tried everything and it has honestly got me stumped, and quite frankly I'm getting frustrated. I'm using Whirlpool plugin. The main problem I'm having is actually getting the players password to hash in the Scriptfiles>Serverdata>Players>[PlayerName].

For example the output will still be
Код:
Password yunowork
The plugin seems to be working in the server-log, am i missing a code in my Game mode for it to hash the passwords in Scriptfiles?


<This is the main code i have been using in my gamemode is>
Код HTML:
    new
    buf[145];
    printf("hash");
    WP_Hash(buf, sizeof (buf), "The quick brown fox jumps over the lazy dog");
    print(buf);
also

Код HTML:
native WP_Hash(buffer[], len, const str[]);
Reply
#2

Just use DIALOG_STYLE_PASSWORD or you want REALLY the hash ? or it does not matter ?
Reply
#3

I have already done that.
That changed the Dialog from <PASSWORD> to <******>

But that's not what I'm after,if you go into your server files there will be a folder of all your players and inside that will have their passwords, which is what i want hashed. (:
Reply
#4

I think you can't do that
Reply
#5

That's weird, because what happens if someone stole your server files, he/she has access to all of your players passwords don't they?

Also LuxAdmin uses whirlpool and hashes the passwords in Scriptfiles.
Reply
#6

Quote:
Originally Posted by stabker
Посмотреть сообщение
I think you can't do that
No?


It's actually possible,I've seen this somewhere at a roleplay script when people register the password will be saved in the scriptfiles>Users>someone.ini,I'm pretty sure I've seen this but what actually you want?

I mean,password hash code or something like that?
Reply
#7

Save the hash on the player files. If a player types a password so just hash the input and compare the hashed input with the saved part.
Reply
#8

So you have to hash the passwords in scriptfiles Manually?
Or am i just not understanding properly :S

so confused.
Reply
#9

No, if a player creates a new account on your server (means creating a new file at scriptfiles directory) so you have to hash the registration password right after the player attempts to create a new account. Now usually this player will quit and rejoin again to play with its stats. So after the player logs into your server to use its stats you have to hash the password the player uses to write to log in, get the earlier saved one and compare both strings to check whether the password was correct or just totally wrong.

There is no sense to decode passwords to compare O_o
Reply
#10

Quote:
Originally Posted by BigETI
Посмотреть сообщение
No, if a player creates a new account on your server (means creating a new file at scriptfiles directory) so you have to hash the registration password right after the player attempts to create a new account. Now usually this player will quit and rejoin again to play with its stats. So after the player logs into your server to use its stats you have to hash the password the player uses to write to log in, get the earlier saved one and compare both strings to check whether the password was correct or just totally wrong.
if(Hash of input password == hash in the file) we can login

MrPlatinum, You should compare the encrypted passwords

P.S. Encryption helps to steal passwords in case of burglary. If the password can decrypt it is not reliable.

(Sorry for my bad English)
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)