All I want to know dhunt is when are you going to anwser the question of why do the sysops need the passwords?

One reason I see that you give is so that the "two players that can write me for their passwords and I will respond with it" don't have to start over like everyone else since you just happen to know their password. You could at least be fair across the entire board. Make everyone start over, or if anyone forgets their password give it to them. Don't play favorites just cause you know one person better than another.

Make them all start over, maybe they will be less forgetful the next time.

Ok I just noticed this...

"I don't think a drastic change is necessary. The BBS that TWGS is based on always has allowed the Sysop to access those passwords for the convenience of the User. The BBS usually collects enough information to enable the Sysop to do a positive ID on the requester. If this is a problem, add something that the user MUST id before they can even enter the game. Otherwise, just leave it alone."

The point is to give sysops LESS not more. That was a joke about the mother's maiden name.

Read this very cafefully...

THIS is not a topic about people who forget their passwords, it is a topic about cheating sysops.

If the sysop knows the players password AND this "other unknown" that the user must ID, then that SOLVES NO PROBLEM. This will mean that every user will now have to remember a lot of passwords and the anwser to alot of secret questions. You've traded one problem for another. You've just sugegsted that the user can now use the same password at every game, because if they forget it they can anwser another question (which the sysop also has the anwser for) to get their password back. WHat stops this sysop from then going to log onto other boards as other people, get the password wrong, email the sysop with a password request and the anwser to the stolen secret question???? now the sysop is convinced that this person must be who they say they are, becasue they know the anwser to the secret question that this person unwittingly made the same on every server.

You have somehow managed to respond in a way that has made the whole situation 2x worse, and you have proposed to give the sysops MORE PERSONAL INFO then less.

I must repeat, (and yes I apoligize if I sound a bit perturbed but I am), maybe you could refrain from posting until a time comes when you grasp what this topic is about.

quote:
1) Play on boards where you know and trust the ServOp if you feel your password might be "collected" on specific boards. I'm not even going to get into names, but there have (and probably always will be) ServOps that are less than fair, and it's up to you as the player to determine whether or not you want to play at boards that have or had have "reputations."

2) If you use the same password in every game and a ServOp decides to steal it to log into your account on another server and CBY you or some such thing, you're equally to blame as the ServOp. Use different passwords for each game, and for the love of money, if you have a home network (especially Windows) don't use your network password as your game password. Or your router login password if you have a router with remote administrative functions. -You- are primarily responsible for the security of your password (and thus your games), -not- the ServOp.

3) If it ain't broke, don't fix it. If you follow the above two guidelines, you'll probably never have a problem.



Do you honestly think people who have their passwords compromised by a sysop EXPECT it to happen? Do you think they join and thinkg "this guy might steal my password, so I'm going to use the same one that I use everywhere." For a long time I used the same password for all my tradewars games, simply because it never occured to me that the sysop might have access to my password. Nearly everything that is password protected encrypts the password. I find it funny that you support being able to have access to a user's password, but have no reason for this support other than "that's the way it is."

quote:
Do you honestly think people who have their passwords compromised by a sysop EXPECT it to happen? Do you think they join and thinkg "this guy might steal my password, so I'm going to use the same one that I use everywhere." For a long time I used the same password for all my tradewars games, simply because it never occured to me that the sysop might have access to my password. Nearly everything that is password protected encrypts the password. I find it funny that you support being able to have access to a user's password, but have no reason for this support other than "that's the way it is."


Right on..

My mothers maiden name was simply an example that I dont think others accepted .. on todays boards dupe catching software is running all of the time .. so if someone looses their password they cant start over with a new account "and in all fairness they shouldnt" .. I dont think that the ops should have the ability to view the password .. but they should have the ability to change it .. if they do change the password then we / the users will at least know because we will not be able to log into the game It really wouldnt be difficult to cache someones password so I do use the same password somewhere .. and if an op ever uses it .. then i'll probably quit the game and have the op named and shamed .. ops should respect that aspect of the game .. as should ANY user .. but I guess in the new age of games anything goes for a win ..



<<Doctor Who>>

quote:

Do you honestly think people who have their passwords compromised by a sysop EXPECT it to happen? Do you think they join and thinkg "this guy might steal my password, so I'm going to use the same one that I use everywhere." For a long time I used the same password for all my tradewars games, simply because it never occured to me that the sysop might have access to my password. Nearly everything that is password protected encrypts the password. I find it funny that you support being able to have access to a user's password, but have no reason for this support other than "that's the way it is."





One person took acception of what I said earlier. It's your choice to play or not to play. If a Sysop or Game/Op collects passwords or uses yours in the game they host, don't go there whether it's a TWGS Server or a BBS.

As for accessing a Users Password, it's for the convenience of the Player, not the Sysops I assure you. Having 26 people contact you for their lost password isn't exactly how I like to spend my time. No BBS, ISP, or Software Author really loves doing this. It's just part of the job.

I have certain servers with encrypte Passwords and these are the most secure but the biggest pain in the kiesters when a password is lost. It affects other programs as well. On the home system, I don't need encrypted anything since I am the only one with access to those areas. It's just simpler to administer.

Okay, now that we know it would be possible to encrypt the password, now how do we know it's actually you that is requesting the password change? I won't know you from Adam. Unless there is verifiable proof that it's you and that is actually your character, it won't get changed even though it's encrypted. Due to losing a password is no reason to encrypt.

As for the reason you and others have stated, the real fix is to not play on those systems. Quietly leave and don't come back. As more folks do this, the games die off and so does the server. In the BBS World, we had some of the same problems. These Scrunge Systems die out pretty quick since the old BBS crowd would never stand for it. I imagine it's still going on but you will find those systems pretty well empty.

Just in case you are wrong, though, quietly leave without causing any trouble on the system you suspect. I have seen some without restraint in that regard. Actually, I have only seen one so the majority are pretty good. The Sysops and Game/ops are no different.



Visit slbbs.com port 2002 for a rip roaring game of TW where you also have to battle the Klingons, Romulans, Orians and the Borg.

dhunt that seems to be your answer to everything "Quietly leave and don't come back." As I have seen you use that same excuse on other topics. Hehe...I just spent 20 minutes reading this topic, in which you posted 5 times and I still haven't seen an acceptable reason why you need a users password.

Ability for an op to change/reset a players pw without being able to actually see what it is/was would be great. So why can't you just accept that. You would still be able to play your favorites game with people you know and don't know. Remind me to never play on your servers.

Dhunt,
Why are you so against ecrypted passwords? You appearntly don't give them out so you should have no objection to having passwords encrypted.

Incorporating encryption wouldn't be all that difficult. Actually just replacing the password with a reset option in TEDIT would be even easier. Added security for the players would be a welcome addition imho.

"Well what do you know. It disintegrated."

http://www.orpgs.com port 5555 for TWGS
http://www.orpgs.com port 1863 for Karealia

quote:
Incorporating encryption wouldn't be all that difficult. Actually just replacing the password with a reset option in TEDIT would be even easier. Added security for the players would be a welcome addition imho.


Yea I dont think that encryption is really needed .. just ******'s over the passwords .. like when U log in .. block it from the ops .. or even give ops a bypass password .. I'me sure that would be possible

<<Doctor Who>>

As a sysop, I have absolutely NO reason to need a users password.

I simply need two things related to passwords:

1. The ability to create a new account with a password that I specify (of course the user can always change the password after logging in).

2. EITHER the ability to see the password OR the ability to reset it to some default. Doesn't matter which, just so long as I can help a user regain access if they forget their password.

Cherokee

Cherokee
The Lost Traders Tavern
http://tavern.homeip.net

Deployed Fighters Report Sector 911: Cherokee's Imperial Starship entered sector.

quote:
dhunt that seems to be your answer to everything "Quietly leave and don't come back." As I have seen you use that same excuse on other topics. Hehe...I just spent 20 minutes reading this topic, in which you posted 5 times and I still haven't seen an acceptable reason why you need a users password.

Ability for an op to change/reset a players pw without being able to actually see what it is/was would be great. So why can't you just accept that. You would still be able to play your favorites game with people you know and don't know. Remind me to never play on your servers.




Yes, that is the answer. If you don't care for how something is being run, go use something else. It's your choice. If the Sysop is using your Passwords, that is unacceptable. Maybe the problem isn't with the Passwords but with the Game Ops. I know of no seasoned Sysop that would resort to that. We weeded those out years ago. If you can't trust the Game Ops, they will use Tedit to do anything they wish to you anyway. The Password thing is so far down on my priority that there are tons of other things I would rather JP take care of first. If He finds time, okay, no problem, I won't bitch about it. Priorities, Priorities.

And from you letter, I can see why you would worry about it. IT pays to be Paranod when the really are all out to get you (grin)



Visit slbbs.com port 2002 for a rip roaring game of TW where you also have to battle the Klingons, Romulans, Orians and the Borg.

quote:
quote:
I disagree and let's leave it at that. Being abusive won't get a thing changed. In fact, I have a feeling that it strengthens any changes one would wish.


I don't think it's unreasonable to want an explanation. You obviously have a reason why you think you should be able to see users passwords. I, personally, can't think of one, so I would like to know yours.




I gave you the reason. Just because it's not what you wish to hear doesn't make it any less of a reason. I know you can't think of one. On my system, what you can't think of isn't imporant. What I think isn't important on your system. Neither of us are really important on this descission either. JP calls the shots no matter how abusive and rude you are to anyone.



Visit slbbs.com port 2002 for a rip roaring game of TW where you also have to battle the Klingons, Romulans, Orians and the Borg.

quote:
All I want to know dhunt is when are you going to anwser the question of why do the sysops need the passwords?


I must repeat, (and yes I apoligize if I sound a bit perturbed but I am), maybe you could refrain from posting until a time comes when you grasp what this topic is about.




I grasp it quite well. I hear whining about something none of us have any control over. Your apology is accepted as long as you extend me the same favor.

Just because I disagree slightly, doesn't make my opinion any less than yours. I have decades at this game and it never has been a grave problem before. What's the Diffence now? Come up with that answer and you just answered your own question and will come up with the fix.



Visit slbbs.com port 2002 for a rip roaring game of TW where you also have to battle the Klingons, Romulans, Orians and the Borg.

quote:
Yes, that is the answer. If you don't care for how something is being run, go use something else. It's your choice. If the Sysop is using your Passwords, that is unacceptable. Maybe the problem isn't with the Passwords but with the Game Ops. I know of no seasoned Sysop that would resort to that. We weeded those out years ago. If you can't trust the Game Ops, they will use Tedit to do anything they wish to you anyway. The Password thing is so far down on my priority that there are tons of other things I would rather JP take care of first. If He finds time, okay, no problem, I won't bitch about it. Priorities, Priorities.


It's one thing for a sysop to cheat on his own server by using Tedit against you, and a completly different problem if that same sysop then starts going to other servers to cheat and disrupt your other games as well just because he has been given privlaged info that he has no need for in the first place.

And you know there isn't a personality test or anyhing that someone has to pass before they can buy TWGS. Anyone can pay for it and setup a server, so your remark about all the sysops being weeded out, and no "seasoned" sysop would do something like that is ridiculous. Anyone is capable of anything at anytime.

What makes someone a "seasoned" sysop? I suppose you would consider yourself one even though I've never heard of you and as far as I can tell you just started running a TWGS a few weeks ago. I don't know you, I don't trust you and other people probably feel the same way.
Which according to you, means I should just avoid your server. Not bad advice, but I would guess there are a lot of other sysops that would disagree as most that I know enjoy running large games wuth lots of people in them.

quote:

It's one thing for a sysop to cheat on his own server by using Tedit against you, and a completly different problem if that same sysop then starts going to other servers to cheat and disrupt your other games as well just because he has been given privlaged info that he has no need for in the first place.

And you know there isn't a personality test or anyhing that someone has to pass before they can buy TWGS. Anyone can pay for it and setup a server, so your remark about all the sysops being weeded out, and no "seasoned" sysop would do something like that is ridiculous. Anyone is capable of anything at anytime.

What makes someone a "seasoned" sysop? I suppose you would consider yourself one even though I've never heard of you and as far as I can tell you just started running a TWGS a few weeks ago. I don't know you, I don't trust you and other people probably feel the same way.
Which according to you, means I should just avoid your server. Not bad advice, but I would guess there are a lot of other sysops that would disagree as most that I know enjoy running large games wuth lots of people in them.



Why thank you for allowing me to take the gloves off. What you or others think of me is of little importance. Let's see, I ran it when it first came out. I also go back as a sysop to the TW1 days. Do I care what a single User Thinks when they make stupid accusations? No, not on bit. I am regged as a sysop back to the early days when only the Military had BBSes.

As for avoiding my server. Please do. Saves me the trouble of locking you out for complaining too much and leaving little presents all around the game that annoy the other players. Yes, got your number already. already locked a couple out that do exactly what you are doing now. It annoys the players, takes away from the game.

Sysops are not Game/ops. Many Game/ops are Sysops but not the other way around. To even think that a seasoned Sysop would do this only tells me that YOU are not to be trusted in following the rules.

JP is in our crowd as well and has already nixed most or your ideas. Yes, I understand what is going on much better than you do now. Hopefully, you will catch on someday and stop this nonsense.

I was here before you and will be here long after you.

End of discussion

quote:
End of discussion


Were you dropped on your head when you were a child?