I don't think it's necessary or sensible to show the confirmation "live" before unlocking - it does show "Your user name was not found" when you try to unlock with a non-existing user name.
I don't think it's necessary or sensible to show the confirmation "live" before unlocking - it does show "Your user name was not found" when you try to unlock with a non-existing user name.
This test patch update reseted my Training completion. fix
personally I wouldn't like it from security reasons, one of them being that it would potentially make 'getting access' to accounts-licensed accounts more easy.
And your second thought makes it even easier, honestly don't think there's much explanation that needs to be done.
Scawen, one question about unlock codes: I know they're not one-time type codes, meaning you can use that same code as many times as you want.
However, if I (or in worse case, someone else) request to send an email containing that new unlock code, will the old code that I've already used in-game instantly become obsolete? Or is it that unlock code becomes obsolete only after the new unlock code has been used in-game at least once?
If it's the former, better not to accidentally click that link
In any case, the latter option is definitely safer, because there's always a possibility someone has found out user's LFS password for the site, but doesn't know how to access their email. In case the current unlock code becomes obsolete instantly when someone requests a new one, one can simply annoy other users by requesting new unlock codes and preventing them accessing LFS with their older unlock code.
However, if I (or in worse case, someone else) request to send an email containing that new unlock code, will the old code that I've already used in-game instantly become obsolete? Or is it that unlock code becomes obsolete only after the new unlock code has been used in-game at least once?
If it's the former, better not to accidentally click that link
In any case, the latter option is definitely safer, because there's always a possibility someone has found out user's LFS password for the site, but doesn't know how to access their email. In case the current unlock code becomes obsolete instantly when someone requests a new one, one can simply annoy other users by requesting new unlock codes and preventing them accessing LFS with their older unlock code.AFAIK it functionally works like your old password which gets checked by the master server when you request server list.
When someone else gets access to your account and keeps requesting new unlock codes, you will see the e-mails in your inbox that you didn't request, which means you should immediately change your web password so they get logged out automatically.
Yes, clicking it does instantly make all obsolete.
I think it would be better if that link led to an intermediate page, where you could choose to:
1) send your existing unlock code to your email address
2) generate a new unlock code and send to your email address
(If you don't already have a valid code then only option 2 would be available)
So you would select one option then "Send" (or maybe just clicking one of the options does the send instantly). I don't think it causes any security issue and might be helpful sometimes.
I think this is also one way to solve the current issue that refreshing the page sends another code again.
I think it would be better if that link led to an intermediate page, where you could choose to:
1) send your existing unlock code to your email address
2) generate a new unlock code and send to your email address
(If you don't already have a valid code then only option 2 would be available)
So you would select one option then "Send" (or maybe just clicking one of the options does the send instantly). I don't think it causes any security issue and might be helpful sometimes.
I think this is also one way to solve the current issue that refreshing the page sends another code again.
Someone keeps resetting my unlock code. I logged into my profile page and changed website password. I don't use it on any other website and my e-mail is highly secured. This just brought a lot of complications.
Can you explain what you mean, exactly what you saw?
The new version is now available.
Thank you for all the reports, help and discussions.
Forum thread: https://www.lfs.net/forum/thread/112094
Thank you for all the reports, help and discussions.
Forum thread: https://www.lfs.net/forum/thread/112094
This thread is closed
Removal of WEB password and GAME password
(185 posts, closed, started )
FGED GREDG RDFGDR GSFDG