How To get account password

[DanTDM]

How To get account password from registry.db 

it was working with me now i can't need help

 

[iPrestege]

It's not in registry.db it's in internal.db which you can find in mods/deathmatch

 

[Tekken]

You can't get the password all you will get it's a hash.

[koragg]

I don't think you can get any user password in mta. You can just change a user's password with the chgpass command. 

[AJXB]

You can't, unless you have a supercomputer and a couple of years.

[Addlibs]

What you can do, which will be very unpopular with your players and generally a very big liability, is store the plaintext password the user entered when registering (for example, in setAccountData). This is very insecure, as whenever you'll get hacked, passwords will leak out in plaintext. This would also cause privacy concern for those who use the same password for a range of servers, forums or other services. I urge you not to do what I outlined above.

Edited November 24, 2016 by MrTasty

[MKH]

You can unhash it, download sqlbrowser or any program to open registry.db and un-hash it
If you need any help PM me

[Jinx099]

On 24/11/2016 at 6:37 PM, MKH said:

You can unhash it, download sqlbrowser or any program to open registry.db and un-hash it
If you need any help PM me

You cannot know the password it's a binary code which you can't read it so i don't think that's the solution 

btw nice Neji jaloul's pic  

Edited November 26, 2016 by Jinx099

[DanTDM]

 

 

 

I have those images when it was working and then stopped this is registry.db not internal

Edited November 26, 2016 by DanTDM

[Bonsai]

Did you just post passwords of players from your server?

That doesn't really look hashed

[Addlibs]

MTA hardcoded account system is in internal.db, not registry.db (table accounts). The internal one stores account names, their corresponding hashed password, IP and the serial (idk whether that's the ones used when registering, or last login) (columns name, password, ip, serial).

The passwords are hashed into a uniform-length 97-character long hex code, composed on a SHA256 of the password, the version of the hash and the salt.

What @DanTDM posted is not the MTA hardcoded account system but his own login system based on executeSQLQuery, and stores passwords in plaintext (not a good idea imo).

Edited November 27, 2016 by MrTasty

[DanTDM]

On 11/26/2016 at 9:23 PM, Bonsai said:

Did you just post passwords of players from your server?

That doesn't really look hashed

but you don't know my server  so not a problem

thank you all for helping but i have fixed the problem it was a login panel i had in the server was old but it's working

[Dealman]

Please be respectful towards the people that play on your server and offer a secure method of storing their passwords. A lot of people use the same password for a lot of stuff which is a problem(and partially their fault).

Making sure it's hashed and at least somewhat protected really is not hard, but shows that you respect their privacy.

[DanTDM]

i have a security mod for accounts work with serial of the player so no one can enter only with the owner of the account

 

[Bonsai]

32 minutes ago, DanTDM said:

i have a security mod for accounts work with serial of the player so no one can enter only with the owner of the account

 

Yeah, and if I someone knows one of that players, and he uses the same password for his Google Account, this won't help him much.

Also it doesn't make sense to bind the account to the serial at all. What if they change their computer.

[Enargy,]

6 hours ago, DanTDM said:

i have a security mod for accounts work with serial of the player so no one can enter only with the owner of the account

 

You have not the choice to post those passwords publicly in order that every one can see. You can make your own database and get all the password that you want(not recommended) but NO ONE is going to help you to get those default passwords.

[DanTDM]

On 12/1/2016 at 4:35 AM, Gaberiel said:

You have not the choice to post those passwords publicly in order that every one can see. You can make your own database and get all the password that you want(not recommended) but NO ONE is going to help you to get those default passwords.

but i changed there password in this pic not real but i am giving you a same kind of my problem