Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

Sign up now!

RuneMate SAVES our passwords in PLAINTEXT

Status
Not open for further replies.
Community Manager
Joined
Apr 7, 2015
Messages
1,394
"Arguing on the internet is like running at the special olympics. Even if you win, you're still retarded." - Albert Einstein, 1889
 
Java Warlord
Joined
Nov 17, 2014
Messages
4,906
Why doesn't it count.
Because bruteforcing doesn't decrypt anything. Besides, it takes so astronomically long to bruteforce common encryptions that it's not even a viable option to consider.
 
"Arguing on the internet is like running at the special olympics. Even if you win, you're still retarded." - Albert Einstein, 1889
I knew Einstein and he did not say that.
 
I've been called a god before.
Joined
Aug 5, 2014
Messages
3,212
Because bruteforcing doesn't decrypt anything. Besides, it takes so astronomically long to bruteforce common encryptions that it's not even a viable option to consider.
 

I knew Einstein and he did not say that.
welllll computers are getting powerfull af soooo
 
Joined
Feb 23, 2017
Messages
464
And what? Let's say an admin goes rogue. Instant free 10,000 accounts for him

You can store a local generated encryption key per computer on the fly when they first login. Then hash their RS password with it. You store the hashed password online. Then just keep referencing the crypt key on the local computer for decrypting it. If it's a new computer you give them instructions on how to transfer they key.
wait you're actually retarded. I thought you were just trolling. I was about to back you up cus i thought it was just a meme thread.
 
Joined
Jan 16, 2017
Messages
162
1.) If you were halfway intelligent you would know that it's encrypted. 256-AES I am guessing which is the latest in encryption standard technology, I bet they even use 1024-2048 RSA handshake upon logging into the site. I seriously hope this is a troll, because if it's not your retarded.

2.) Set up authentication, are you retarded? No, for real... I am not trying to be mean but use some common sense. The only way someone can get by an authentication is if they RDP your desktop, or create a guest session in the background and login from your network. If you can use VM you must be at least halfway smart to use a Dynamic IP address (unplug if you have been hacked, clean your PC then plug it back in). RuneMate is not a virus either before you on rant, run it in sandbox if your that paranoid. Run KeyScrambler like I do (encrypts your keystrokes from the very first process) 99.9% of RATs (Remote Admin Tools a.k.a malicious users) cannot see this anymore.

3.) Don't be an idiot and use common sense, that's how I use RuneMate. Use some logic before you come on this form accusing them of "holding your password improperly." Or the cute way you say it like your some kind of programmer or software engineer "plain text." ;)

After thought:
Let's say it's not encrypted (Use Authenticator, use Key Scrambler) problem solved. Now GTFO.
 
Last edited:
Mod Automation
Joined
Jul 26, 2013
Messages
3,044
By your own admission, all user credentials are encrypted client-side before being sent to the server. The server stores and responds with the cyphertext once the user is authenticated. The cyphertext is then decrypted client-side.

I gave you the chance to correct your absurd declaration, which you were intelligent enough to do. I know your heart was in the right place, but the fact that you don't know the difference between plaintext and cleartext tells me you are an amateur and the fact that you made this claim without first verifying tells me you have some maturing to do. However I am always glad to see young people interested in the burgeoning field of cryptography, so please continue educating yourself on it.

Locking thread to protect you from the deluge of hate you've been getting.
 
Status
Not open for further replies.
Top