Posted by
| Nick Gammon
Australia (22,973 posts) bio
Forum Administrator |
Message
| MUSHclient doesn't change the behaviour of the input box, admittedly.
However don't you just put the password in once? Shoo people away from watching you, type it into the Connecting configuration dialog, and then use auto-connect after that. After all, if someone is standing nearby they can watch what keys you type, regardless of what is echoed.
The password is stored in the world file, Base64-encoded. This isn't exactly encrypted, but requires a bit of scripting to get it back out.
I should warn you though, that if you are really worried about someone finding your password, what they could do it, when you aren't in the room, turn "packet debug" on, connect to the MUD, and then look at the outgoing packets to see what the password is.
If you are at a shared computer, and think someone might try this, you could always use TrueCrypt (www.truecrypt.org) which is a free utility. This lets you set up extra encrypted partitions under Windows, Linux and OS/X. The encrypted data can be stored in a simple file.
So what you could do is put your MUSHclient stuff (especially the world files with their passwords) into a TrueCrypt partition (which might be the M: drive once mounted). Then when you want to use MUSHclient, mount that partition (which requires a password, and *that* password is echoed as asterisks). Then play the MUD, and dismount the partition before you walk away. Then it would be safe to store the passwords in the world files.
TrueCrypt is a smallish download, free, quick to install, fast and easy to use.
Perhaps I should further warn you that if you are really, really worried (younger brother maybe?) then they could be using a packet sniffer at a nearby computer to find your password out (and this would apply to zMud as well). |
- Nick Gammon
www.gammon.com.au, www.mushclient.com | top |
|