Search the Community
Showing results for tags 'website'.
Found 3 results
-
cant login to website. last night i could not make tickets.
-
Harbingers are recruiting. You can check out our newly made site here - Home Our forum here - Forum Apply here - Application form. We are an open and friendly Clan, yet, we only accept members with our philosophy and attitude towards Lineage 2 Classic: We will strive to work together, steadily grow and carve out our place on this server. Our emblem and names will be recognised, we'll be known serverwide; like minded players will then be attracted to us and we'll grow: let's see where it takes us. Our environment: People will feel safe playing support classes as there'll be consistent groups available.We'll maintain a highly co-operative ethos when crafting/gathering materials. (Clan prices, swap systems managed by myself and officers.)I'll appoint Class-Type Officers (Knight, Summoner etc.) and leadership positions to keep the structure alive and kicking.Group-play highly encouraged - I myself will group in any group combo, I'm hoping others will follow in this; I never want to see a Clannie unwillingly playing alone.English is primary language (others not a problem, have functional English, don't spam clan/ally chat with non-English.)Respect: we are not profanity/humour Nazis but please respect Clan members. (It'll be easy, you'll soon LOVE all your clannies).You are a representative of the clan; please be respectful and pleasant to everyone who you interact with on server, we want to maintain a good reputation.
- 48 replies
-
- 1
-
- harbingers
- eu
-
(and 3 more)
Tagged with:
-
So, I just tested registration and authorization and have some comments and suggestions. At first sight these things might seem not so important, but in the end it all may cause a really bad first impression of your server, security issues and hundreds of forum topics like “Y CANT I REGISTER??!!”, “Y CANT I CONNECT??!!” and “SOME1 STOLE MY ACCOUNT OMG!!!” http://lineage2classic.com/register — website and LIVE-server account registration form has: Username field. It should be Account Name, isn’t it?No Password Confirmation field. It is useful, prevents from typos in a password.Uncomfortable order of fields. Most registration forms are ordered like Account Name, Email, Password, Password Confirmation, Security Code and people used to it.Bad error explanation implementation. Error message describes only one field at time and disappears after 4 seconds. Instead, it should indicate all the wrong fields with explanations, like on this forum registration form. Moreover, it should validate fields while typing — that would make registration faster and more comfortable. Unsafe field check implementation. It is implemented on a client side via JS so it could be easily hacked — edited and turned off. Instead, it should be working on a server side via PHP and AJAX.Rough error descriptions. They all must be the same style — short and clear, with no exclamation marks. For example, when I am trying to register an account with non-ASCII symbols in name it says “Username does not fit the name scheme: only a-Z and numbers are allowed, 2 to 64 characters”. Instead, it should say “Numbers and Latin letters only.”Weak Password rules. “Min. 6 characters!” is not enough. Obvious passwords (like 123456, qwerty, asdfgh, abc123, password, 1-2 repeating symbols, the same as Account Name) should be banned, space should not be counted in password length, minimum length can be raised up to 8-10 symbols. Moreover, it should calculate the password strength to encourage users to register safe passwords: long ones, with mixed cases, numbers and symbols. I would also allow using printable ASCII characters only, because I am not sure if other symbols will work in a game client.Incorrect Email length rules. It is not “Min 6 and max 30 characters!” According to RFC standards it is 3 to 254 characters long with maximum 64 characters long local-part. I would recommend using not regular expression but some good third-party function to validate email (like FILTER_VALIDATE_EMAIL in PHP) and leave error description simple “Invalid email.” Serious mistakes in the business logic. “Username is taken” error when email is taken, “Password min. 6 characters!” error when password is longer than 15 characters, “Username 2 to 64 characters” error when account name is 2 characters long.No email confirmation letter. It not only protects from bots, it also proves that user’s email is real and working. And it is not so hard to implement.http://account.lineage2classic.com/ — OBT-server account registration form: Has no error explanations at all. “Something went wrong, try again!” is really confusing.Has the same weak Password rules. Rules that allow register a password that consist of spaces only or contains non-ASCII — both of them do not work in the game client.Allows registering multiple accounts with the same email.http://lineage2classic.com/ — website authorization form has: Login field. It should be Account Name, isn’t it? Moreover, it should be Account Name or Email because most people have dozens of nicknames or pseudonyms that they use as their Username or Account Name and only a couple of emails. So authorization on the website with the email seems reasonable. Insecure error messages. “Wrong password, try again!” means “Account with this name is registered.” Captcha. It’s annoying. Is it really necessary here?I highly recommend fixing and improving all that before release. I also recommend implementing password recovery by email and password change on the website before release too.
- 1 reply
-
- 3
-
- registration
- website
-
(and 1 more)
Tagged with: