suggestions about personal info encryption

Posted: Tue Apr 12, 2016 3:54 pm
by mssjtxwd
Hi nos team,

I think just releasing the personal info database with encrypted passwords and email addresses is still not safe. Many hackers can make use of this database by testing the email or in other ways. Maybe you could use the RSA algorithm: send an email to all the accounts' email addresses with their private key, and then release a database that is all encrypted. In this way other private servers could check the key, and no personal info will really be public.

Sorry for my poor English. And I'm sure some of your professional developers could come up with that solution. Just a tip.

Best Regards
mssjtxwd

Re: suggestions about personal info encryption

Posted: Tue Apr 12, 2016 4:07 pm
by Mimma
I think they said they would Hash it instead, which means there's some kind of hashed key you can match your (hashed) email address up with.
At least it's possible.

Re: suggestions about personal info encryption

Posted: Tue Apr 12, 2016 4:36 pm
by mssjtxwd
Mimma wrote: I think they said they would Hash it instead, which means there's some kind of hashed key you can match your (hashed) email address up with.
At least it's possible.


Yeah, hashing is also a good solution, but hashing only the email address is not enough. For example, if the account name is not hashed, then hackers who have an email address list could check who has the address, and get more information. So the dev team may need to hash all the fields. But I think it will be a problem for the successors to change the database.

Maybe I need to fork a mangos server core and learn its db structure on GitHub. I just hope the above will be helpful for the dev team.
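
The concern raised in this thread, as an added example that is not part of any post and is not the dev team's code: a pre-release audit that counts how many records a third party holding only an e-mail list could link back to an account when the address is stored as a plain unsalted hash. The record layout, sample accounts and the keyed (HMAC) variant are assumptions made for illustration; nobody in the thread proposed the HMAC scheme.

```python
import hashlib
import hmac

def normalize(email):
    return email.strip().lower()

def plain_digest(email):
    """Unsalted SHA-256 of the normalized address (the 'just hash it' scheme)."""
    return hashlib.sha256(normalize(email).encode("utf-8")).hexdigest()

def keyed_digest(email, key):
    """HMAC-SHA256 under a key that is never published with the data (assumption)."""
    return hmac.new(key, normalize(email).encode("utf-8"), hashlib.sha256).hexdigest()

def build_release(accounts, digest):
    """accounts: list of (account_name, email). The account name stays in clear."""
    return [{"account": name, "email_hash": digest(email)} for name, email in accounts]

def reidentified(release, known_emails):
    """Audit: records that can be linked to an address using only the public,
    unkeyed hash function and a list of e-mail addresses."""
    by_hash = {row["email_hash"]: row["account"] for row in release}
    hits = {}
    for email in known_emails:
        account = by_hash.get(plain_digest(email))
        if account is not None:
            hits[normalize(email)] = account
    return hits

# Constructed sample data, not taken from any real database.
ACCOUNTS = [("thrallfan", "alice@example.com"),
            ("bankalt7", "Bob@Example.org"),
            ("pvpmain", "carol@example.net")]
KNOWN_EMAILS = ["bob@example.org", "dave@example.com", "ALICE@example.com"]
RELEASE_KEY = b"constructed-demo-key-not-for-real-use"

def audit():
    """Return (links found in plain-hash release, links found in keyed release)."""
    plain = build_release(ACCOUNTS, plain_digest)
    keyed = build_release(ACCOUNTS, lambda e: keyed_digest(e, RELEASE_KEY))
    return reidentified(plain, KNOWN_EMAILS), reidentified(keyed, KNOWN_EMAILS)

if __name__ == "__main__":
    plain_hits, keyed_hits = audit()
    print("plain hash, re-identified:", plain_hits)
    print("keyed hash, re-identified:", keyed_hits)
```

With the keyed variant, matching an address to a record requires the key holder, so the releasing party has to decide who performs the lookups.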