FOSS gamedev and creative worlds

When I enter a password, is it kept private, or is it publicly shown? I am somewhat paranoid about people possibly discovering the password I use, so I want to ask first.

Piqutchi wrote:When I enter a password, is it kept private, or is it publicly shown? I am somewhat paranoid about people possibly discovering the password I use, so I want to ask first.

It is private, and it is hashed.

Hashing is when it takes you password, and leaves a fingerprint from it.
You can not get an original password from a hash, but you can get a hash from a password.

It's always a good idea not to reuse passwords for different types of account though. I'd advise strongly against using any password for Minetest that you also use for such things as online banking, an e-mail account, or your PC login.

rubenwardy wrote:

Piqutchi wrote:When I enter a password, is it kept private, or is it publicly shown? I am somewhat paranoid about people possibly discovering the password I use, so I want to ask first.

It is private, and it is hashed.

Hashing is when it takes you password, and leaves a fingerprint from it.
You can not get an original password from a hash, but you can get a hash from a password.

Modern hash crackers, with knowledge of your username, can break that hash by brute-force, if your password is not long enough. A 6-length password takes but a few days.

:p my password is a, thing I only know :)

Edit:It 79 Characters Long.

But Do anyone know why password max characters is 255?

Likwid H-Craft wrote::p my password is a, thing I only know :)

Edit:It 79 Characters Long.

But Do anyone know why password max characters is 255?

Just an implementation limit. Since the passwords are hashed, generally there doesn't need to be a maximum limit, but remember that the password does have to be transmitted to the authentication system and does need to be processed by it. Often text fields in UIs have a limited length, or you're only using input buffers of a certain length, or you want to prevent people from attacking the authentication system by sending a bunch of really long password strings to process.

So usually you pick some reasonable limit for them. I doubt many people are going to use passwords that exceed 255 characters, so that seems reasonable. The 8 or 12 or 16 characters some systems choose for maximum password length are definitely NOT reasonable though, so when I run into one of those I find it extremely annoying. I find it even more annoying when it's some online site that processes confidential data or does financial transactions that imposes such a paltry and ridiculous maximum character limit.