No I can't help you - LOST PASSWORDS

[Rogean]

The reason the loginserver accounts were kept seperate is because with forum software involved and when this entire system was set up, SQL Injections into forum software was a common occurance. In order to protect the game accounts, they were kept seperate for that reason, neither having any more power to reset the other.

We also have to consider the fact that theres still a compromised database from 2007 floating around somewhere. They haven't been able to do damage to loginserver accounts with that unless people were stupid enough to make their passwords the same. Opening up the option for forum accounts to reset loginserver accounts would be bad times for anyone who hasn't changed their forum password yet.

[ckimbrel]

Quote:

Originally Posted by Rogean

The reason the loginserver accounts were kept seperate is because with forum software involved and when this entire system was set up, SQL Injections into forum software was a common occurance. In order to protect the game accounts, they were kept seperate for that reason, neither having any more power to reset the other.

We also have to consider the fact that theres still a compromised database from 2007 floating around somewhere. They haven't been able to do damage to loginserver accounts with that unless people were stupid enough to make their passwords the same. Opening up the option for forum accounts to reset loginserver accounts would be bad times for anyone who hasn't changed their forum password yet.

Why keep this feature out because people refuse to change their password after 4 years? You could post a notice on here and get all the popular servers to do the same and if folks still don't do it it's up to them. It's incredibly frustrating for legit users to not have access to their accounts because there's no way to retrieve a forgotten password.

Why not just prompt users on login to set a secret question / answer and slowly migrate everyone over?

[PetitScarabee]

Why not allow LS password change only to forum accounts whose password has been changed after 2007 ? (providing this information is available).

Or, for people like me having one working LS account, could we just ask to copy the password from the working account to the not working ones ? This way passwords are still kept inside the login server.

Finally, if LS passwords just can't be retrieved at this time, even by PMing someone, the link in the user CP that seem to allow that should be changed to an information "REALLY just don't forget your LS passwords, because there is currently NO WAY to retreive them". I think it could save everyone some time. And with a good warning people will not assume the password can be retrieved easily with the forum account and make sure they keep it safe: sometimes I don't have my passwordsafe handy and trust the registered email address to allow me to recover my password if I forget it before I am able to store it.

I have personnally no interrest in getting back characters, I just want not to have two forum accounts while still having the option of two LS accounts. Still, if there is no other way I will just create another forum account. I just think it should be made clear, and most people would cease to bother the good guys allowing the login server to exist in the first place.