85 replies to this topic

[Gleeok]

Trying to keep this relatively short:

 

Basically just trying to get a feel for what the communities current take on password protection is. What I mean by that is simply whether-or-not anyone cares if it's possible for someone to download or compile something that can bypass passwords (which has already been a thing for years). Since the vast majority of people just play quests and don't muck with ZQuest really, this is kind-of geared toward quest makers, but anyone can put in their 2 cents. This was actually brought up recently where it not only was the case where it was fine, but nobody would even mind if passwords were removed completely--this isn't going to happen anytime soon, however--although this has been a touchy-feely subject in the past.

So, imagine for a moment an ZC as open-source where anyone with a c++ compiler (and some patience) can 'crack' quest passwords. Does anybody really care?
 

 

[edit] Poll is just for fun and not taken seriously. Please reply if you have a comment.

[edit2] This thread is serious, so put on your serious cap if you think it doesn't sound serious enough.

[coolgamer012345]

... dem poll choices tho

 

I would prefer to have password protection, unless it would be hard to keep in.

[SkyLizardGirl]

I don't want people seeing what's in my project thoughs.

!0_0!  They may make fun of me how i over organize all my maps super neat like - I'm  ADHD .*

Edited by SkyLizardGirl, 19 October 2015 - 03:15 AM.

[Moosh]

 

I don't want people seeing what's in my project thoughs.

!0_0!  They may make fun of me how i over organize all my maps super neat like - I'm  ADHD .*

 

I for one can say I wouldn't and I don't think others would either. I'd have more concern about the other end of things: people poking fun at how messy my quests are, but so far nobody has. I've given people the option to look through my quests pretty much since I started making quests and I don't ever once recall hearing any sort of discussion or acknowledgement of it whatsoever.

[Timelord]

Here's mine, and you already know...

 

It takes about ten seconds to break the password on a quest. In fact, it took all of part of a day to reverse engineer it, without the source code.

 

Quite literally, anyone can do it.

 

Quite important also, is that anyone who would be able to figure out the source code, enough to modify it to bypass a quest password, can already bypass a quest password. Nothing--absolutely nothing--in a .qst file can be protected, in any way, whatever at present.

 

Anyone who thinks it can, doesn't comprehend how absolutely and blatantly worthless the present scheme is.

 

I say, if people want to add their own encryptions, let them do it in the source, and make a PSK of some kind. Post the current code, and it won't change the status quo one titch.

 

It'd factually be harder to figure out how passwords, and encoding work, by reading the source code, than it is now, by doing basic file analysis. I mean, they'd need to find it in that mess, first.

[SkyLizardGirl]

Wells, .. I guess, it  would be good to Unlock long lost projects people lose their passwords too.

 

The GODS Here of Zelda Classic Top authorities should only have that option.

And people Ask permission to them only if they can unlock a locked quest request.'

 

The same for how Nobody can actually download the entire NES Zelda game or Outlands Journey in .qst format

Edited by SkyLizardGirl, 19 October 2015 - 05:09 AM.

[Timelord]

[...]

The same for how Nobody can actually download the entire NES Zelda game or Outlands Journey in .qst format

 

Is that supposed to be a joke of some kind?

 

---

 

You want to know what;s really funny? The ZASM lexer provides better 'protection' than the quest protection routines. Decompiling from the word table is extremely tedious, and if you want to make readable ZScript out of it, have fun. 

Edited by ZoriaRPG, 19 October 2015 - 05:25 AM.

[Anarchy_Balsac]

I'd have voted if not for how you worded the top choice.

[Deedee]

I honestly couldn't care. Well, actually I kinda do. If there was no password protection on a quest, then that would ruin all the quest password rewards. I decided to go with the middle option simply because HURRY THE HELL UP ALREADY AND MAKE WEAPON AND ENEMY SCRIPTS, FOR CRYING OUT LOUD!
 

 

Here's mine, and you already know...

 

It takes about ten seconds to break the password on a quest. In fact, it took all of part of a day to reverse engineer it, without the source code.

 

Quite literally, anyone can do it.

 

Quite important also, is that anyone who would be able to figure out the source code, enough to modify it to bypass a quest password, can already bypass a quest password. Nothing--absolutely nothing--in a .qst file can be protected, in any way, whatever at present.

 

Anyone who thinks it can, doesn't comprehend how absolutely and blatantly worthless the present scheme is.

 

I say, if people want to add their own encryptions, let them do it in the source, and make a PSK of some kind. Post the current code, and it won't change the status quo one titch.

 

It'd factually be harder to figure out how passwords, and encoding work, by reading the source code, than it is now, by doing basic file analysis. I mean, they'd need to find it in that mess, first.

How does it take 10 seconds? Lol.

[Avaro]

It may seem like passwords dont protect quests in your eyes, but it actually takes at least some effort to figure out how to bypass the password. I, for one, wouldn't have any idea of where to start about doing it, and I'm using ZC for about 6 years

 

I feel better knowing that casual ZC players can't just open my quests in the editor. If they want to make "some minor changes" for whatever reason it could potentially break the quest and ruin their game experience, due to how easy it is to break things in quests if you don't know what you are doing. I trust that those people who actually took time to look into how to bypass the password know what they are doing.

 

So basically, I want passwords not to protect my quest, but to protect the players.

Edited by Avataro, 19 October 2015 - 08:43 AM.

[TheLegend_njf]

I for one can say I wouldn't and I don't think others would either. I'd have more concern about the other end of things: people poking fun at how messy my quests are, but so far nobody has. I've given people the option to look through my quests pretty much since I started making quests and I don't ever once recall hearing any sort of discussion or acknowledgement of it whatsoever.

At least your quest doesn't have a fragmented mess of dungeons stolen completely from somebody else's quest for reasons I still don't know! Lol

For those who's wondering what I mean, Moosh had a surprise one day when he opened up TRIFORCE and saw a bunch of his levels from Link's Quest for the Hookshot 2 literally copied/pasted right into the quest. Lol

Why did I do that? I dunno, I never had any real purpose of it or practical value in it, I just mainly wanted to look at some screens for reference. But apparently opening up a JPEG or something makes too much sense. I guess it is just a NJF thing I suppose. :/ lol

Edited by NewJourneysFire, 19 October 2015 - 08:57 AM.

[Deedee]

At least your quest doesn't have a fragmented mess of dungeons stolen completely from somebody else's quest for reasons I still don't know! Lol

For those who's wondering what I mean, Moosh had a surprise one day when he opened up TRIFORCE and saw a bunch of his levels from Link's Quest for the Hookshot literally copied/pasted right into the quest. Lol

Why did I do that? I dunno, I never had any real purpose of it. I guess it is just a NJF thing I suppose. :/ lol

"You dare bring levels to your lair? YOU MUST DIE!"

[TheLegend_njf]

Perhaps I should make a dungeon out of his levels. Lol Jk

Or better yet!!!

Edited by NewJourneysFire, 19 October 2015 - 08:59 AM.

[Saffith]

It may seem like passwords dont protect quests in your eyes, but it actually takes at least some effort to figure out how to bypass the password. I, for one, wouldn't have any idea of where to start about doing it, and I'm using ZC for about 6 years

Perhaps not, but I bet you know how to use Google, and it'll be happy to help.

That's the thing; it only need to be done once. Once someone figures out how to bypass the passwords, it becomes easy for everyone. Editing out the password check and recompiling might be a bit easier than poking around with a debugger or hex editor, but I doubt it makes a difference of even a day.

[Theryan]

If needed/wanted, anyone could already unpassword a quest. Unless the password protection is updated, this issue is somewhat moot.

Edit: I've been planning on removing the password for some of my quests soon anyway, so I really don't mind if passwords are removed.