Login Server Down?

Angelox · #1 02-04-2009, 12:08 AM

I'm thinking, since Minilogin looks for IP address, have a script that converts the incoming username into a unique number, and insert it into the account table/ip.

Quote:

Originally Posted by leslamarch

I think if minilogin was changed to use username and password vs. IP address more people would be able to use it, and that itself would reduce the load on the public login server. I'm sure it would not be to much to accomplish this to whoever holds the source.

I know the biggest reason why people shy away from minilogin is the extra steps involed to make boxing happen without getting accounts booted. I'm still unsure why the login needs to be controlled by a select few, if the binaries are released the source is still protected.

We want to grow and having huge downtime is never a good thing. I Know this is all wasted words since this topic has been hashed over for a long time now, and it still is as it was.

**AndMetal** · #2 02-04-2009, 01:23 AM

Quote:

Originally Posted by Angelox

I'm thinking, since Minilogin looks for IP address, have a script that converts the incoming username into a unique number, and insert it into the account table/ip.

If Minilogin could use the encrypted username/password string as a unique identifier (think of it as an account ID rather than a username & password), that might work. In other words, allow everyone to login with whatever username/password they want to, but if you enter the wrong one, you won't see your characters. On the plus side, it would be relatively easy to engineer, and you wouldn't have to worry about registering user accounts. On the downside, it could create a lot of confusion if you enter in the wrong username or password, not to mention server admins tracking down a specific account. At the very least, this might make a good idea for a Minilogin2.

However, I agree, something needs to be done sooner rather than later. Ideally, the underlying issue for the downtime can be resolved now, and we can look toward a better way to handle the inherent negatives of having a central loginserver (limited ability to make enhancements, single point of failure) in the long run.

Angelox · #3 02-04-2009, 07:36 AM

You're right about that - already with the PHP script we have, there are a lot of accounts made because a mistaken username was entered (never to be used again) - I can imagine a large scale of this.
What about improving the current PHP login to where you require username, and maybe some more information like a valid email (each email is entitled to a stated amount of accounts). The username then converts into numbers, letters are according to their order in the alphabet (ex. angelox = 1.14.7.5.12.15). Passwords are not encrypted, but that could and should be done.