Guest
home
beatmaps
rankings
community
store
help
forum
  1. Forums
  2. osu!
  3. Development
  4. Feature Requests

https (SSL) based logins

posted
Total Posts
8
This is a feature request. Feature requests can be voted up by supporters.
Current Priority: +20
Corin
910 posts
Joined January 2011
Topic Starter
Corin
I know this may sound like a odd request but what with osu! becoming a sport now and such, https logins should be of the norm.
Sending a non-encrypted password over the internet is one thing and I assume osu! itself hashes the password before sending it but the hash isn't even salted and nowadays it doesn't take very long to crack an unsalted md5 hash.

So yeah, is there any way we can get our forum logins/Bancho logins going though https instead of plaintext please?
It's a small request for a big deal afaik and is worth it in the long run.
Love
osu! Alumni
1,267 posts
Joined August 2010
Love
+1 to this :v
PhiLL A
PhiLL A
+1 without star. Just imagine the shitstorm if Cookiezi got hacked and banned or something.
Kiririnshi
9 posts
Joined September 2012
Kiririnshi
+1 to this.
peppy
19,315 posts
Here since the beginning
peppy
This is quite high in my priorities.
D33d
1,697 posts
Joined April 2011
D33d
Definitely this. We can't go without the added security for much longer, before something really bad happens to the site. Glad to know that you're pushing towards it.
mm201
osu! Alumni
4,495 posts
Joined August 2008
mm201
Even just using host restricted session tokens instead of MD5s would go a long way.
peppy
19,315 posts
Here since the beginning
peppy

D33d wrote:

Definitely this. We can't go without the added security for much longer, before something really bad happens to the site. Glad to know that you're pushing towards it.
Nothing will happen to the site. Worst case is someone sniffing your local network traffic (at a net cafe's wifi for instance, this is very possible).
Please sign in to reply.

New reply

0
1 / 8