[Unte99]

Quote:

(f) You may not violate the privacy of a player, service provider or server operator by means of exposing passwords or identities without consent.

Lets say a server does not hash player passwords. The owner of the server is not careful and because of that there have been many times when another person who was in the server development team used those unhashed passwords for unknown purposes. Because of that data leak it went as far as someone getting an e-mail saying that their e-mail account password has been tried to change.

What kind of action is taken against those kind of servers? Is any action being taken against that at all? If yes, then how does a server get proven guilty?

[Luicy.]

Quote:

Originally Posted by Unte99 Lets say a server does not hash player passwords. The owner of the server is not careful and because of that there have been many times when another person who was in the server development team used those unhashed passwords for unknown purposes. Because of that data leak it went as far as someone getting an e-mail saying that their e-mail account password has been tried to change. What kind of action is taken against those kind of servers? Is any action being taken against that at all? If yes, then how does a server get proven guilty?

It's the players choice to enter their personal password.
So no actions would be taken legaly.

[Vince]

There's not much that can be done, honestly. The usual cause of action, if there is sufficient proof, is that the server is blocked from appearing in the masterlist. But at the moment that's useless since the masterlist doesn't work, anyway.

[Cameryn]

General rule of thumb, generate a random password only for SA-MP servers.

[xPhantom]

Well, everyone has to understand that passwords should be unique for everything. Database leaks tend to happen.