1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Add-on [Paid] Minecraft Account Verification

Discussion in 'Resource and Add-on Requests' started by Yoshi910, Apr 26, 2012.

  1. Yoshi910

    Yoshi910 Member

    I am willing to pay for a minecraft account verification system.

    Basically I need a page on where they have to enter their minecraft account information, then the forums check if the login is valid or not. If it is valid, it inputs the name in a custom field. The custom field I want has to be shown underneath the message count when people post.

    Example of the page to login to your minecraft account:
    [​IMG]

    Another example:
    [​IMG]

    Example of the custom field:
    [​IMG]
     
    Brandon Sheley likes this.
  2. Kent

    Kent Active Member

    I would have to say this is a horrible idea from a security POV.

    Perhaps confirmation could be done by asking the user to temporarily change their skin instead?
    Skins are stored like this: http://s3.amazonaws.com/MinecraftSkins/Notch.png

    Or enter a confirmation code on your MC server? This would require a mod of some sort, or perhaps you could use an IRC bot with the CraftIRC mod.

    There's also this, which will prevent anyone from entering random names that don't actually exist:
    https://www.minecraft.net/haspaid.jsp?user=Notch
     
  3. Yoshi910

    Yoshi910 Member

    This is horrible from a security POV, but the user can change the pass right after.
     
  4. Kent

    Kent Active Member

    A bot could change someone's password faster than any human. All it takes is the initial interception from a JS exploit, the server getting compromised, HTTP sniffing, or even someone with a login page with the sole intent on stealing info. It's possible to change the password from email, but if their email is compromised as well, they're just out of luck.
    Also never underestimate human error and laziness. Some may not change the password before or after, and may even use the same password on more than one site.

    There's no justification for asking for login info of another site/service. It just isn't safe, even with the best of intentions.
     
  5. Liam23

    Liam23 Active Member

    Still interested? Send me a PM. I can do this for you.
     

Share This Page