Jump to content

  • Log In with Google      Sign In   
  • Create Account


#Actualrpiller

Posted 05 January 2013 - 08:18 AM

I guess I view it as an extra layer of security when sending the password across the wire. If the wire gets hacked into at least they won't see the plaintext password since the player could be using that for other sites. If someone is able to hack the wire (even if it's thought to be unhackable today) at least it'll only be the hashed value for just this game. I view it as minimizing the already minimal risk and it doesn't introduce that much more work on my part. smile.png

 

If the wire is truly unhackable then no harm done, just minimal extra work.

 

 

 

 

then the token you store on the server

 

What "token" are you referring too? The only thing on the server would be the MySQL encrypted column that holds the salt & hashed pw by user. If those are leaked then they have to decrypt the data first. If that's done then there isn't much you can do anyway for this game, but at least it's not plain text for them to try with other sites for the user.


#4rpiller

Posted 05 January 2013 - 08:16 AM

I guess I view it as an extra layer of security when sending the password across the wire. If the wire gets hacked into at least they won't see the plaintext password since the player could be using that for other sites. If someone is able to hack the wire (even if it's thought to be unhackable today) at least it'll only be the hashed value for just this game. I view it as minimizing the already minimal risk and it doesn't introduce that much more work on my part. smile.png

 

If the wire is truly unhackable then no harm done, just minimal extra work.


#3rpiller

Posted 05 January 2013 - 08:15 AM

I guess I view it as an extra layer of security when sending the password across the wire. If the wire gets hacked into at least they won't see the plaintext password since the player could be using that for other sites. If someone is able to hack the wire (even if it's thought to be unhackable today) at least it'll only be the hashed value for just this game. I view it as minimizing the already minimal risk and it doesn't introduce that much more work on my part. smile.png


#2rpiller

Posted 05 January 2013 - 08:03 AM

I guess I view it as an extra layer of security when sending the password across the wire. If the wire gets hacked into at least they won't see the plaintext password since the player could be using that for other sites. If someone is able to hack the wire at least it'll only be the hashed value for just this game. I view it as minimizing the already minimal risk and it doesn't introduce that much more work on my part. smile.png


#1rpiller

Posted 05 January 2013 - 08:02 AM

I guess I view it as an extra layer of security when sending the password across the wire. If the wire gets hacked into at least they won't see the plaintext password since the player could be using that for other sites. If someone is able to hack the wire at least it'll only be the hashed value for just this game. I view it as minimizing the already minimal risk. :)


PARTNERS