New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question] Rate limit password entry for multiplayer #8339
Comments
If you restart a network server, the company passwords are reset. make sure to give new ones, or someone else may log in and mess with your company. |
Thanks. I did issue a new password. |
Does OpenTTd rate limit password attacks ? |
I don't think OpenTTD rate limits password entry, but I think it would be a good idea to start rate-limiting password entry. The rate limit should be able to be configured at least in |
I tested further but now cannot figure out how my old trains get restarted, it does not seem to be from loading a save game into multiplayer mode. |
Changed topic. |
Should there be a new message when a client tries to join, but has exceeded the rate limit in doing so? For example, "You have attempted to join [the game] too many times. Please wait …" |
Is there a point in doing so though? If they are typing passwords by hand, then they will never be fast enough to be a threat to anything. If they are using some automated script, they would be able to circumvent this by starting a new client (or writing the packets so that it looks like it's from a new client), and you'd have to resort to rate limits based on the client IP address. |
We are in the process of replacing passwords with something more secure: #8420 This would resolve this ticket, I think. |
Version of OpenTTD
1.9.3
Expected result
Actual result
Steps to reproduce
I have four 520 year old trains which i keep for posterity. Upon restarting from a full system reboot these four trains had been restarted on their original orders. One was subsequently auto-upgraded. Some kind of initial variable maybe.
The text was updated successfully, but these errors were encountered: