Time Nick Message 14:15 IhrFussel Okay this is just laughable now... it seems that there are seriously people who honestly believe that preventing someone from joining with a certain account and overtaking their current online session actually adds SECURITY to Minetest ... at least according to those downvotes https://github.com/minetest/minetest/pull/8547 ... As if that would help against account theft 14:16 IhrFussel What are these people thinking? When someone got my password it's OVER already ... there is no need to try to mitigate any login attempts 14:17 IhrFussel I thought LinuxDirk is the only silly guy who got that opinion 14:18 IhrFussel Minetest is simply backwards in that regard... I don't have to wait in ANY other game or service until my last session timed out before I can rejoin 14:21 IhrFussel There should be other methods to actually improve security of accounts ... like builtin login attempt limits 14:23 IhrFussel And maybe log such an event when someone overtakes the session of another user so that server admins have a clue when it happened and by who (IP) 14:25 IhrFussel I already implemented a 'anti hack protection' in my server code... it simply stores a timestamp in a table plus a counter and if (within 30 seconds) the same name tries to join 3 times and fails they are blocked from joining for 1 minute 14:30 IhrFussel And I clearly see how it helps with security on my server... cause most people who try to get into another's account give up exactly after the 3 tries 14:31 IhrFussel They don't want to wait for 1 minute staring at their screen 14:32 IhrFussel The majority of players are young kids in MT and that is a fact ... young kids don't have a large attention span 14:33 IhrFussel Additionally I let the online user know that someone tried to connect as them via PM 14:50 IhrFussel btw since most mobile users use a third party app that likely implements the random generated name and password features, it is highly unlikely that someone guesses SUCH a password... I mean did you even take a look at one? They look like '5M!7?ctS' 14:51 IhrFussel iOS users at least are forced to use such apps and they account for a large amount of total mobile users 14:53 IhrFussel And soon the other Android clones will upgrade to 5.0.0 too... if the app devs need the money 15:20 BuckarooBanzai IhrFussel: if you have additional security on your server, why not share your mod with the community... :) 15:20 * BuckarooBanzai hides 15:22 IhrFussel I don't publish mods cause my coding skills are not the best and therefore the code quality is usually bad ... but as long as the code accomplishes my goals I'm fine ... when people ask me for certain things I like to help ... and I would even take some of my server code and share it with them 15:23 IhrFussel I code my server mods not as standalone mods, so I can basically depend on many unrelated mods in each of them 15:28 IhrFussel Also the mod I coded is only a hack... cause in 5.0.0 (which I don't use yet) there is a new callback that can improve it 15:31 IhrFussel Here it is minetest.register_on_auth_fail(function(name, ip)) 15:32 IhrFussel Right now I can only use prejoin() callback and have to assume that even if the 3rd try has the right password it still triggers the block 15:46 Calinou IhrFussel: in my experience, people don't care if your open source code looks ugly 16:58 Krock o/