Forum problems - PM window not working, bug tracker forum not accessable, more

[winterflaw 0]

Forum problems - PM window not working, bug tracker forum not accessable, more

Hi.

Couple of issues with the forum.

1. I cannot send PMs.  The screen greys out, but then only shows what looks like the title bar of the pop-up type window which is presumably used to type in a PM.  Latest Tor browser.

2. I cannot access the bug tracker forum.  Tor reports a misconfigured SSL cert (wrong domain), combined with HSTS (strict HTTPS).  The error is;

===

report.valkyrie-wow.org uses an invalid security certificate. The certificate is only valid for the following names: www.valkyrie-wow.org, valkyrie-wow.org

===

3. Now finally to the actual reason I thought to get a forum account and write; there is a 16 character password length limit on the WoW accounts.  This is too short.  A decent passphrase is usually 25 or more characters, indeed, this forum has a 32 character password limit, which works.  It means I cannot use a passphrase, I have to use a password, which means I have to use something random, which means I have to write it down in a text file or on paper because there's no way to remember it.  The shorter password length is much less secure, because it qualititatively changes other password-security related behaviour (needing to make copies, rather than being able to remember, being short enough rainbow attacks are possible).

4. I would like to contact a dev and discuss writing a VOIP server and client for Elysium, which ties into the server, so people can talk to people physically near them in the game world.
 

[Fizzle 1]

1. Can you post a picture of that?

 

2. The bug tracker is: https://report.elysium-project.org/

 

This is however unavailable until the servers launch.

 

3. Your account is safe as long as you do not tell anyone else your details.

 

4. Developers can be contacted through the public discord. Please note that they are very busy at this time and you may not receive a reply for a while. Personally, I believe that this will not be added, due to the team wanting the servers to be as Blizzlike as possible.

 

Hope this helps.

Edited December 12, 2016 by Fizzle

[winterflaw 0]

Christ, the quoting mechanism is totally useless!  it's impossible to reply in-line.

 

> 1. Can you post a picture of that?

 

Sure - bit later though, in the middle of some work.

 

> 2. The bug tracker is: https://report.elysium-project.org/

 

Ta.  That URL works.

 

> This is however unavailable until the servers launch.

 

I saw :-)

 

> 3. Your account is safe as long as you do not tell anyone else your details.

 

That's not true, though.  If the site is hacked and the passwords are taken, they can be decrypted/dehashed.  This is much more true for short passwords, 16 characters or less, than for long passwords.

 

That's not my concern though, because the consequence of being hacked is low - it's not like it's my bank account.

 

The concern I have is the hassle factor.

 

I have a couple of passphrases which I use.  I know them.  I now need a particular password *just for this site*.  It's a pain in the neck.  I had a similar problem at work today - another site with a password policy which blocks passphrases.  Every site which does this makes itself painful to the users and the more sites there are like this, the MORE hassle it is.  Passwords are inherently weak and should not be used anyway; and then to force a custom password makes it all the more painful.

 

> 4. Developers can be contacted through the public discord.

 

In principle, yes.  You can't write anything unless you make an account.  I tried to make an account.  There were problems, I think because it refuses mailinator, so I gave up.

 

> Please note that they are very busy at this time and you may not receive a reply for a while. Personally, I

> believe that this will not be added, due to the team wanting the servers to be as Blizzlike as possible.

 

Interesting.  I hadn't considered it in those terms.

 

> Hope this helps.

 

Much.  Thankyou for lurking :-)

[Pottu 290]

The password limitations are due to the WoW client which was made in 2004. Nothing we can do about them.