Authentication hooks (wishlist)

[FunkySwerve]

Based on what Asparius told me in private, I can now say with fair certainty that CD key confirmation is NOT sufficient to stop a determined hacker. Looks like a password system of some kind is required.

Funky

[Disco]

So, if I am correct you associate every character with the cdkey it was created with, right? How do you add the other keys? On account level?

Just interested, want to make something like this as well. The master server is driving our players crazy.

Mmm... I actually can do this already, I think! Every character we create has a key item, which has a name that starts with their cdkey.

[Asparius]

Storing keys in database is much more reliable, I think.

In my system, player is able to 'lock' his account either by cdkey protection or password protection. If he chooses cdkey protection, he can choose adding next authorized cdkey, remove one of existing. When he uses password protection, he is set non commandable on enter, until he types proper password .

[Disco]

Thanks. I want to keep it as simple as possible, so I doubt I'll use the password option.

How do you make sure that Player A doesn't enter player B's account and gives his own cdkey as an alternative option?

[virusman]

He won't be able to log in without having player B's cdkey.

[Disco]

Alright, after being sent enough nwnkeys.ini files to be playing on different accounts all year round when I asked a player for his private key: how do you make sure a player knows his keys? Seems a silly question, but I know a lot of players don't have a clue about these things.

[Asparius]

Player is instructed on enter: if he plays from his own copy of the game, he can set his key (the one he is currently playing) as a 'master' cdkey (all operations like lock/unlock, can be done only when playing from this key).

He can also create a password instead - when changing security settings he will need the password.

System is still in developement though ..

[Zebranky]

I'm skeptical that this login vulnerability exists. I've done a good amount of research into the NWN login protocol, to the point where I've implemented a client that can log into the server (though it doesn't handle anything after the login process). Unless a client is able to redirect the NWN server's communication to the master server elsewhere, I doubt there's a vulnerability when the MS is up. Specifically, the NWN server absolutely communicates to the MS and verifies both the "community name" credentials (GameSpy, whatever you want to call it) and the CD keys.

Of course, with the MS being spotty as PJ mentioned, some sort of authentication hooks would still be useful. I think Jambo stole my idea of replacing the server password with per-user passwords.
_________________
Win32 SVN builds: http://www.mercuric.net/nwn/nwnx/

<Fluffy-Kooshy> NWNx plugin is to this as nuclear warheads are to getting rid of fire ants.

<ThriWork> whenever I hear nwn extender, I think what does NWN need a penis extender for?

[FunkySwerve]

Zebranky PM'd me privately asking what the vulnerability was, and I told him no. I'm simply not going to discuss it - the fewer the people know, the better. If you don't want to believe it exists, so much the better. I will say that I confirmed it with acaos, however.

Funky

[Zebranky]

That's not terribly comforting when I'm running a PW, and several other developers say, "hey, there's a major exploit, but we're not going to tell you what it is." Forgive me for not trusting in security through obscurity, but I've seen it defeated (and defeated it myself) too many times to put any faith in it.
_________________
Win32 SVN builds: http://www.mercuric.net/nwn/nwnx/

<Fluffy-Kooshy> NWNx plugin is to this as nuclear warheads are to getting rid of fire ants.

<ThriWork> whenever I hear nwn extender, I think what does NWN need a penis extender for?

[Disco]

I agree with Zeb, especially if he doesn't even ask you to post it. A player demonstrated it by taking a screenie of my own inventory, which was enough of an incentive to switch on authentication, but I have no clue how he did it. Didn't interst me a lot as I wasn't in charge of that kinda stuff at that moment.

[Jambo]

[FunkySwerve]

[PlasmaJohn]

[Jambo]

Well before we all veer too far off with different ideas/directions for authentication methods...

What are the possibilities on us getting a plugin for the alternative authentication methods? Being able to hook the authentication methods to allow us to send things to a database rather than an ini file when the master server is down was already established as viable. If there was also a hook added so we can get actual password someone entered to connect to a server, that would be fantastic too.

Yet more master server issues today proved the need to really have something alternative, be it a way to have a unique server password for every user, tying it to CDKeys as FunkySwerve suggested, or a more efficient way to handle things during MS outage (for the reasons PlasmaJohn mentioned which still make the Master Server of some merit).

Being able to hook a few things regarding this offers every world a degree of flexibility for what suits their needs, though.