dizzy
Members-
Content Count
3 -
Joined
-
Last visited
Content Type
Profiles
Forums
Event Calendar
Everything posted by dizzy
-
It kinda ruins the game atmosphere. Firstly, can you learn something one your own, without a teacher and a book? I guess, no. And it seems logical, like IRL. Secondly, all these Warrior Guilds, Dark Elven Guilds, Orc Guilds, Magic Guilds, Einhasad Temples in every single town with all the NPCs inside are useless now. On lower rates that happens not so often. And by this logic, they should add ‘Shop and Gatekeeper’ options to the player’s panel. Who needs the town when we have so many fields with mobs anyway? Well, according to patch notes Classic is a slightly changed copy-paste Prelude on a Russian server and Chronicle 1 on a Korean server. Moreover, the whole concept of Classic is to make newer/better “Good old Chronicles”, I thought it was obvious. P.S. By ‘casual’ I mean ‘with simplified gameplay’.
-
I remember in good old Chronicles I used to visit a right master/magister/perfect/etc. in a village and have a spellbook/totem to learn new spells/skills. Today I neither can find a spellbook seller nor ‘Learn skills’ dialog and can learn spells/skills right from the ALT + K window. Is it just OBT feature or Classic is getting casual right from the start?
-
So, I just tested registration and authorization and have some comments and suggestions. At first sight these things might seem not so important, but in the end it all may cause a really bad first impression of your server, security issues and hundreds of forum topics like “Y CANT I REGISTER??!!”, “Y CANT I CONNECT??!!” and “SOME1 STOLE MY ACCOUNT OMG!!!” http://lineage2classic.com/register — website and LIVE-server account registration form has: Username field. It should be Account Name, isn’t it?No Password Confirmation field. It is useful, prevents from typos in a password.Uncomfortable order of fields. Most registration forms are ordered like Account Name, Email, Password, Password Confirmation, Security Code and people used to it.Bad error explanation implementation. Error message describes only one field at time and disappears after 4 seconds. Instead, it should indicate all the wrong fields with explanations, like on this forum registration form. Moreover, it should validate fields while typing — that would make registration faster and more comfortable. Unsafe field check implementation. It is implemented on a client side via JS so it could be easily hacked — edited and turned off. Instead, it should be working on a server side via PHP and AJAX.Rough error descriptions. They all must be the same style — short and clear, with no exclamation marks. For example, when I am trying to register an account with non-ASCII symbols in name it says “Username does not fit the name scheme: only a-Z and numbers are allowed, 2 to 64 characters”. Instead, it should say “Numbers and Latin letters only.”Weak Password rules. “Min. 6 characters!” is not enough. Obvious passwords (like 123456, qwerty, asdfgh, abc123, password, 1-2 repeating symbols, the same as Account Name) should be banned, space should not be counted in password length, minimum length can be raised up to 8-10 symbols. Moreover, it should calculate the password strength to encourage users to register safe passwords: long ones, with mixed cases, numbers and symbols. I would also allow using printable ASCII characters only, because I am not sure if other symbols will work in a game client.Incorrect Email length rules. It is not “Min 6 and max 30 characters!” According to RFC standards it is 3 to 254 characters long with maximum 64 characters long local-part. I would recommend using not regular expression but some good third-party function to validate email (like FILTER_VALIDATE_EMAIL in PHP) and leave error description simple “Invalid email.” Serious mistakes in the business logic. “Username is taken” error when email is taken, “Password min. 6 characters!” error when password is longer than 15 characters, “Username 2 to 64 characters” error when account name is 2 characters long.No email confirmation letter. It not only protects from bots, it also proves that user’s email is real and working. And it is not so hard to implement.http://account.lineage2classic.com/ — OBT-server account registration form: Has no error explanations at all. “Something went wrong, try again!” is really confusing.Has the same weak Password rules. Rules that allow register a password that consist of spaces only or contains non-ASCII — both of them do not work in the game client.Allows registering multiple accounts with the same email.http://lineage2classic.com/ — website authorization form has: Login field. It should be Account Name, isn’t it? Moreover, it should be Account Name or Email because most people have dozens of nicknames or pseudonyms that they use as their Username or Account Name and only a couple of emails. So authorization on the website with the email seems reasonable. Insecure error messages. “Wrong password, try again!” means “Account with this name is registered.” Captcha. It’s annoying. Is it really necessary here?I highly recommend fixing and improving all that before release. I also recommend implementing password recovery by email and password change on the website before release too.
- 1 reply
-
- 3
-
- registration
- website
-
(and 1 more)
Tagged with: