Hello, I have just read Notch's post about password stealing mods and I have one or two little suggestions about this:
1) It would be cool if Minecraft passwords will be e-mail protected. So whenewer user want to change his password, confirmation e-mail will be sent to his inbox, so without access to e-mail account it will be impossible to change anyones password. This method is used a lot o webpages with prepaid services etc.
2) There shuld be log visible when user login to minecraft with last 5 logins (date, ip, standard run/new installation) so people can spot if someone is messing with their account.
What do you think about that? I think at least first solution will drop number of stolen account to the minimum.
Warning: Some malicious client mods are stealing passwords
When you install a mod, the mods gets full access to your computer, and can do ANYTHING to it.
Make sure you absolutely trust the source before installing any such mods.This applies to both server mods and client mods.
I don’t know which mods are the culprits.
When the modding support is added, there will be support for sandboxing mods to give them less access to important stuff. You can chose to trust a mod if you want to, and if it needs to do fancy things, but the default will be to run the mod sandboxed.
I would like it if Minecraft.net accounts could be deleted or at least have IPs locked on them to prevent the use of them online. There are a lot of ***** accounts out there floating around on Pirate Bay that I am pretty sure Mojang wouldn't mind nuking to get rid of the free use of said accounts.
Rollback Post to RevisionRollBack
To post a comment, please login or register a new account.
1) It would be cool if Minecraft passwords will be e-mail protected. So whenewer user want to change his password, confirmation e-mail will be sent to his inbox, so without access to e-mail account it will be impossible to change anyones password. This method is used a lot o webpages with prepaid services etc.
2) There shuld be log visible when user login to minecraft with last 5 logins (date, ip, standard run/new installation) so people can spot if someone is messing with their account.
What do you think about that? I think at least first solution will drop number of stolen account to the minimum.
AfBu
Thus, I think e-mail confirmation would be a really simple and efficient countermeasure to this problem.
I support this idea.
Source: http://notch.tumblr.com/post/3919992067 ... e-stealing
NOw I MASCArED! I am not safe anymore! NeONE can steel my MiNECrafT account now!
The above is what I feel like some people will react.
We will be fine. Notch has it under control. The email idea I still like though.
Also just get on this forum and find the mods on here. If enough people say it is good then I am sure it is awesome.