Opened 9 years ago
Closed 9 years ago
#3266 closed enhancement (duplicate)
Allow lobby users to change their password
| Reported by: | historic_bruno | Owned by: | |
|---|---|---|---|
| Priority: | Should Have | Milestone: | |
| Component: | Multiplayer lobby | Keywords: | |
| Cc: | Patch: |
Description
Currently, users have no way to change their own lobby password. The game should provide a UI for that. It would also be easier to reset a forgotten password, since an admin could give the user a temp password, which they log in with and change.
Change History (3)
comment:1 by , 9 years ago
comment:2 by , 9 years ago
In case the users know their own password when wanting to reset it, the client could just hash the new password and send that to the server with a password change request. Which would not need a change of where the hashing is performed.
In case we put the hashing on the server we might just drop the hashing we do since that doesn't really prevent leaking it then. So we shouldn't do that.
comment:3 by , 9 years ago
| Milestone: | Backlog |
|---|---|
| Resolution: | → duplicate |
| Status: | new → closed |
Duplicate of #2543
Note:
See TracTickets
for help on using tickets.
After discussion with leper in IRC, it is currently easier to delete the accounts instead of resetting the password, because of how the authentication is implemented. Passwords are hashed and the result cached locally. For resetting, this would need to be changed so that the server performs the hashing, stores the result in the DB and passes it back to the client.