Quote Originally Posted by .nm View Post
...

AAAAAALSO: could someone enlighten me about the mysterious passwords you need for a simple tool like a minimizer ? Or is it about site passwords. AFAIK on Pauls old site there was something similar, and it reminds me very much. Dutchmeat discovered a trojan horse on Pauls old site, see here => http://www.splashdamage.com/forums/showthread.php/18467-NEW!-Rcon-Online?p=283516&viewfull=1#post283516 in connection with passwords. Dutchmeat is not your everyday random internet person, dutchmeat is trustworthy (coder, many years experience with idtech3 engine, working on etlive). Paul also did not respond..
No, I never saw that until now. I've also responded to the original thread to clear up that story. Wasn't aware of it being on there.

About the passwords in the minimizer. We needed something very secure, as we don't want any passwords to be stolen. The reason why you need to get the code from our site, is that in this way you will never be able to steal someone else his real key, as the encryption key is not stored in the application.

If you really want to know, the 'very strange password thing' is just something with the userid,playerid and some other secret ingredients. Together, this string is encrypted with a key we will never share (so evil people will not be able to decrypt it). Then, it's base64_encoded as the key mechanism produces uncopyable characters, and base64 produces an output will all readable keys.

Is this enough information ?

Regards,

Paul