Hey guys,
Due to the recent website hack, I've decided that we need more security features. As you've probably also already seen, the entire homepage runs under https now. Moreover, I'm changing the hash algorithm that is used in our database to ensure that even hacked passwords will be completely worthless. And that hackers in the future have no way of decrypting 'easy' passwords anymore. I've decided to use 'bcrypt', which is not vulnerable to rainbow attacks (= simple password hacking) and not vulnerable to bruteforcing (guessing until you have the password). The reason for that lies in the complexity of the algorithm, it would take years to bruteforce a password! With this update, the in-game and forum passwords will now also be 100% equal, they are no longer stored as 2 different values.
There will also be a Security Batch #2 in the near future, where I'll make the game client to server connection safer. My plan here is to use RSA for the username and password exchange.
Please note that it's still recommended to change your password
here, if you haven't already done so.
All the best,
Thomy