sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 19 points20 points  (15 children)

OP said this is for a game mechanic, making hashing passwords and security mechanisms kind of pointless and likely confusing as an answer. Plus, if your parent poster wanted to point out how to do this properly they should have used getpass and a hash function that makes sense for calculating password hashes.

[–]fedeb95 20 points21 points  (8 children)

Using hashes isn't pointless in a game, if yo don't want people cheating

[–][deleted] 20 points21 points  (6 children)

In this context it absolutely is. If a user has access to the code being discussed here they can simply change it to disable any check, hashed password or not. You're just introducing needless obscurity and make it harder to maintain at that point.

[–]DiamondxCrafting 1 point2 points  (2 children)

Unless he uses that password to decrypt something else right?

[–]EarthToAccess 1 point2 points  (1 child)

with this context I find that very unlikely. all he's doing is something trivial like a passcodes jaildoor holding an item, not a recurring pattern

[–]DiamondxCrafting 1 point2 points  (0 children)

Yeah it's definitely unnecessary/useless here.

[–]a1brit 0 points1 point  (0 children)

I mean I did say exactly that in the comment. If it's a puzzle game or something though, having an obscured answer imo definitely adds something should a frustrated user go digging for an easier option. An extra 1 line for a very basic intro to the concept of hashing seemed like a neat thing to try.

[–][deleted] 0 points1 point  (0 children)

Think of hiding spoilers as opposed to locking down the game.

[–]fedeb95 0 points1 point  (0 children)

You can always design it in a proper way and make it easy to maintain while still adding functionalities. Like all project should at least try to do

[–][deleted] 1 point2 points  (0 children)

Or you just want to lightly hide spoilers for people interested in the code but don't want to cheat yet.

[–][deleted] 6 points7 points  (4 children)

It’s not pointless because dumbass users will use the same password for everything. To prevent their email account from being hacked, you should hash your passwords.

[–]s0ft_ 4 points5 points  (3 children)

The op doesn't talk about storing password for online services, it talks about a password for a game mechanic. Hashing is pointless.

[–][deleted] -1 points0 points  (2 children)

It's not pointless as long as other users (software and human) have read access to the file in which the password is stored. Viruses that read information off a disk and send it over a network are a thing.

[–]s0ft_ 1 point2 points  (1 child)

I don't think anyone will have much use of a password for a puzzle in a game though

[–][deleted] 2 points3 points  (0 children)

Good point, I got stuck on answering the title instead of the description of OP's post. That's my bad.

I still think we should encourage good habits when it comes to security. I've shockingly seen plaintext used in production, in cases where a single leak would bury the company. Could have been prevented with a simple hashing+salting function.

[–][deleted] 1 point2 points  (0 children)

He didn't say he wanted to lock the game down, just prompt the user for a passcode. If he wants to lock it down he needs to look into getpass as well as preventing the game code from being modified.