Author Topic: Global Login System (Implementation Discussion) (Read 83959 times)

jitspoe · « **on:** March 05, 2006, 08:46:55 PM »

Since it seems the global login system was the most popular wish for build 17, we need to come up with a good, secure method of implementing it so I can start coding. Here's what I had in mind:

- Login names/passwords would be stored in a "central" server (most likely dpball.com) database.
- The passwords would be stored in some kind of encoded manner (the most popular method for this is md5sums, I think).
- For sending the login -- There's a way you're supposed to do this kind of thing to protect it from packet sniffers... the old "lock on a box" analogy. I think the client sends an encrypted packet with its own key to the server. The server then encrypts it with its key, sends it back to the client, the client decrypts with its key, sends back to the server, which decrypts with its key to get the login/password. Is that right? What encryption algorithm should we use? Preferably something clean and lean (and free of patents). For such a small amount of data, it won't need to be too robust, as I don't think anybody could crack it.
- When the server successfully logs into the central server, the central server assigns a temporary password to the client and the game server the client is connecting to.
- The client then logs into the game server with the temporary password (this is done behind the scenes - the client doesn't actually have to type this in).
- Once the client disconnects, the temporary password expires.

Smokey · « **Reply #1 on:** March 05, 2006, 08:50:48 PM »

sounds good , but would the registration process go through the same crap?

Eiii · « **Reply #2 on:** March 05, 2006, 09:01:37 PM »

What would be done if someone were to get someone else's password? How would that be handled?

KnacK · « **Reply #3 on:** March 05, 2006, 09:12:24 PM »

THere are a few ways to do this.

1. Have the player login to their local client. Have a registration type screen pop up where they enter some key info, set up a secured question and answer, and those results are encrypted and go back to the server. But when the user registeres his client, a specific keygets generated based on a given piece of info that he enters.. That key is then sent back to teh server for safe keeping ansd that key is used for authentication

2. Have the user log in to a central server where he enters key information ie.. q and a stuff and a key is generated. This key the user then enters in to his client which then authenticates the user and possibly generates a second clear key.

Remember: the user ID ( key or whatever ) can be encrypted and should be, as once its entered, no one needs to see it. Even the DBA browsign the database.

Now for stats gathering, you might want a clear key that is generated based on info the user enters.

These are jsut some thoughts.

GreenAffairz · « **Reply #4 on:** March 05, 2006, 09:59:31 PM »

ok all that sounds good but in the future will we have built-in player stats? ;p

P!nk · « **Reply #5 on:** March 05, 2006, 10:19:04 PM »

Post removed

jitspoe · « **Reply #6 on:** March 05, 2006, 10:41:25 PM »

KnacK: I'm not sure if I follow, but it sounds kind of like we're saying the same thing. The password would be encrypted in the database. I'm not sure I see the need for questions and answers, though. A simple username and password should be sufficient, no?

Also, it might be nice to be able to "save" your password, so that you don't have to log in every time you play. I wonder what the most secure way to do that would be.

I'm going to implement the login system first, then we'll worry about stats later. One thing at a time.

The two main purposes stats will serve right now are protecting users names and combating cheaters.

Oh, a couple notes I forgot to mention about the logins:
- They'd be alphanumeric only and case insensitive. Color codes, spaces, splats, etc. will be stripped off (this should cut back on people doing clever things to create names that are visually the same, but technically different).
- There will be a primary name and two alternate names. The primary name will remain the same, but the alternate names can be changed every, say, 2 weeks (in order to allow for clan tags and whatnot).

Eiii · « **Reply #7 on:** March 05, 2006, 10:50:59 PM »

Alternate names, eh? I think there should be a primary name, then a tag that would automatically be put in front of the name in brakets.

Smokey · « **Reply #8 on:** March 06, 2006, 12:35:17 AM »

what if its a clan that dosent have in in front.. or not brackets

Eiii · « **Reply #9 on:** March 06, 2006, 12:58:26 AM »

Meh. It'd just make tags universal.

KnacK · « **Reply #10 on:** March 06, 2006, 05:25:26 AM »

the question and answer would be used to reissue a password.

ie.. skater forgets his password. He goes to teh web site and clicks on the " I R A dumbie and forgot my password" link.
From there he enters his primary user id.
A challenge phrase appears that he entered when he registerd:
ie.. " What color is my white dog"
and skater, having some sort of mental whit would respond to his previously entered resposnse :
" white"

I guess the main thing is we need to lay out exactly what is going to be accomplished by the gloabal login:

Stats user and clan
Security/fraud/theft of user name-id
clan membership
authentication of valid client software.

oh, while I'm thinking about it, the login might also grab the login IP address as well as the original IP address when the account was created. This would also help in fraud cases within the DP community or if skater justreally was a dumbie and entered "red" for his response to his challenge phrase.

jitspoe · « **Reply #11 on:** March 06, 2006, 01:29:15 PM »

I've never cared much for password retrieval questions. People should just use passwords they remember. I mean, what if skater's friend pretends to be skater forgetting his question, and, knowing the color of skater's white dog, answers correctly, thus gaining control of skater's account. Plus they make things more complicated to implement.

KnacK · « **Reply #12 on:** March 06, 2006, 02:31:41 PM »

it really does need to be in there, or it will be an admin's nightmare.

jitspoe · « **Reply #13 on:** March 06, 2006, 04:30:37 PM »

I think a "forgot password"/"reset password" email is a better approach, personally.

KnacK · « **Reply #14 on:** March 06, 2006, 08:13:48 PM »

ok...
grumblegrumblegrumble....

jitspoe · « **Reply #15 on:** March 06, 2006, 08:35:11 PM »

* jitspoe gets the feeling that knack forgets his password a lot.

SkateR · « **Reply #16 on:** March 06, 2006, 09:53:47 PM »

Whoa, how'd I get mixed up with all of this?

I like the idea there Jitty, too many people wanna fake my famouis name :-p

Eiii · « **Reply #17 on:** March 06, 2006, 10:40:07 PM »

What's to prevent someone from registering a known person's name before they get to it?

jitspoe · « **Reply #18 on:** March 06, 2006, 11:20:39 PM »

Honor and dignity? And a trip to global ban land if they don't have such things?

KnacK · « **Reply #19 on:** March 07, 2006, 08:59:26 AM »

Quote

What's to prevent someone from registering a known person's name before they get to it?

That's why IP logging should be utilised for registration and login attempts.