Suggestion: Improve Multiplayer "Connect to Address"

Post your ideas and suggestions how to improve the game.
Post Reply
NaahsTea
Manual Inserter
Manual Inserter
Posts: 4
Joined: Fri Jun 05, 2020 10:09 pm
Contact:

Suggestion: Improve Multiplayer "Connect to Address"

Post by NaahsTea »

TL;DR
"Connect to Address" is quite simple and could remember more than only the lastest address used.
What ?
My suggestion comes with two levels of implementation to improve the experience with multiplayer (re-)connecting to a private server:

1. Remember the password from the latest address and try it, if the address have not changed.
2. Extend the "Connect to Address" to a collection of private servers the player can manage. (Best: steam sync of this collection)

Why ?
If a player is playing a lot on private servers, he has to remember or keep track of all addressess and passwords.
Reducing clicks and keystrokes to (re-)enter a private will bring more joy to those playing a lot on private headless factorio servers.
Last edited by NaahsTea on Mon Jul 20, 2020 5:54 pm, edited 1 time in total.

Koub
Global Moderator
Global Moderator
Posts: 5923
Joined: Fri May 30, 2014 8:54 am
Contact:

Re: Suggestion: Improve Multiplayer "Connect to Address"

Post by Koub »

And how should be secured the stored passwords ?
Koub - Please consider English is not my native language.

NaahsTea
Manual Inserter
Manual Inserter
Posts: 4
Joined: Fri Jun 05, 2020 10:09 pm
Contact:

Re: Suggestion: Improve Multiplayer "Connect to Address"

Post by NaahsTea »

Koub wrote:
Mon Jul 20, 2020 5:52 pm
And how should be secured the stored passwords ?
You can use a symetric encryption scheme where the secret key is derived from the logged in (steam, factorio.com, etc.) user.
The server passwords can then be encrypted with the secret key and stored locally in an sqlite file for example.

This should work for all operating systems.

Koub
Global Moderator
Global Moderator
Posts: 5923
Joined: Fri May 30, 2014 8:54 am
Contact:

Re: Suggestion: Improve Multiplayer "Connect to Address"

Post by Koub »

Seems legit (from my point of view, but I'm no crypto expert, I just have basic understanding of these things).
Koub - Please consider English is not my native language.

User avatar
ssilk
Global Moderator
Global Moderator
Posts: 11348
Joined: Tue Apr 16, 2013 10:35 pm
Contact:

Re: Suggestion: Improve Multiplayer "Connect to Address"

Post by ssilk »

I would feel much better, if the used encryption has nothing to do with the logged in user. I mean it’s the same level of encryption as the password storage of your browser. But I’m also no expert... ;)
Cool suggestion: Eatable MOUSE-pointers.
Have you used the Advanced Search today?
Need help, question? FAQ - Wiki - Forum help
I still like small signatures...

NaahsTea
Manual Inserter
Manual Inserter
Posts: 4
Joined: Fri Jun 05, 2020 10:09 pm
Contact:

Re: Suggestion: Improve Multiplayer "Connect to Address"

Post by NaahsTea »

ssilk wrote:
Tue Jul 21, 2020 3:30 am
I would feel much better, if the used encryption has nothing to do with the logged in user. I mean it’s the same level of encryption as the password storage of your browser. But I’m also no expert... ;)
Yeah, the idea is the same, but it is still a slight difference.

Under Windows your browser uses the logged in Windows user. This means if the computer is unlocked your browser passwords are accessable.
Using the steam or factorio user unlocking the computer doesn't expose your factorio server credentials (except auto login to steam is enabled).
At some point the user is responsible to their own security.

To be honest the only way to secure it even more would be to use a master password inside factorio. This means less convienent and more secure.

Finally, the developers have to decide how much they believe the server credentials have to be secured. In the end it will always be a trade-off between security and convenience.

quyxkh
Filter Inserter
Filter Inserter
Posts: 851
Joined: Sun May 08, 2016 9:01 am
Contact:

Re: Suggestion: Improve Multiplayer "Connect to Address"

Post by quyxkh »

One way you could do this is to tie the stored credentials to the server, the password and the authorized user, so the server can see a hash code and verify that it's the hash code it would have given that specific user without giving away any secrets. The server can have its own secret id along with its own secret (existing) password, when a user presents the password correctly the server hands out a hash of the userid, the password and its own secret id. When a user presents a hash code, the server checks against a hash of the userid, its current password and its secret id, if the result matches what the user sent, that user previously offered the current password to that server. Leaking the secrets the user stored can't help anyone else.

Post Reply

Return to “Ideas and Suggestions”

Who is online

Users browsing this forum: Nosferatu