Autorization of Name/Password Failed at Login

Resently my HD crashed and had to make a fresh install of XP. Tribes 2 is on a separate hard drive and was untouch, but I was unable to get the game running. I don't know if I screwed up here but I downloaded and reinstalled useing the TribesNext_rc2a.exe file. No problem here. Tribes 2 responed but I was unable to login. The aurtherization advised that I was useing an incorret user name or password. This is not a case of forgetting this information. I know my password and I am useing the same warrior name I have always used. I tried to create an account useing the same warrior name "]-[barr", but was rejected because it was already in use. Fortunetly I was able to create another account, which got me into the game right away. I still would like to get my original warrior name back. Any suggestions

Comments

  • Did you try to log in via the account retrieval system, or did T2 think it already had a properly generated key from your last install?

    ...not that I have any idea how this s*** works.
  • The only source of the incorrect/user-password error is an incorrect username or password. Check your caps-lock/shift key.

    If you have indeed forgotten your password, you will not be able to recover your original account. There is nothing anyone can do about that, since the account server does not have recoverable versions of your passwords necessary to decode the private account keys.
  • Did you try to log in via the account retrieval system, or did T2 think it already had a properly generated key from your last install?

    ...not that I have any idea how this s*** works.
    yt2005 I tried as you suggested but the return stated "Credentials download was unsuccessful. Check your name/password". Of course this was attempting to obtain the credentials using the original warrior name "]-[barr". The current warrior name "Hbarr" did allow me to log onto Tribes so the retrieval system does appear to work.
    The only source of the incorrect/user-password error is an incorrect user name or password. Check your caps-lock/shift key.

    If you have indeed forgotten your password, you will not be able to recover your original account. There is nothing anyone can do about that, since the account server does not have recoverable versions of your passwords necessary to decode the private account keys.

    Thyth I do not wish to appear that I am arguing with you, but I have not forgotten my password. I suppose there is no way to produce hard evidence to support my statement, short of leaping to the past and taking you with me to witness the original application. I will state, however, that the password is the password I have used since purchasing Tribes2. In addition the password is a combination of my initials and, for the want of a better description, my employee number. In other words not likely a password I would forget. The warrior name ]-[barr is too unique to forget and I fail to understand why the insistence that I have forgotten either is the first thing that is considered. Is it at all possible to clear the sever records of "]-[barr" so that I can reapply for the credentials using that name? All I would really want is to get the warrior name "]-[barr" back. If it is not possible, oh well, that's life.
  • Local account decryption and authorization for a credential download happen in two fundamentally different ways. Failures in both can only be an incorrect password. So, quite simply, there is no possible way that the account server would reject a credential download OTHER than not entering the password associated with the account.

    When you generated your account, your client(!) computed a SHA1 operation on the password you selected and sent it to the account server. The account server has stored (and never altered) the original hash sent by your client, and uses it to verify you have the passwords for download authorization requests. The account server never handles an unhashed password directly.

    If you're interested in attempting to recover your account password, I can provide you with the SHA1 hash of your username and password stored by the account server. These hashes cannot be inverted directly, and must be brute forced in a forward manner to recover the actual password. The server stores sha1("3.14159265" . lowercase(username) . password), which as mentioned above is computed by the client and simply stored by the account server.

    For example. A user with account name 'User' and password 'password' would have sha1("3.14159265userpassword") stored, which is 08445a31a78661b5c746feff39a9db6e4e2cc5cf. If you're given that hexadecimal hash, and try all possible passwords, you'll eventually find the source input to SHA1 that matches your data. SHA1 is industry standard for this purpose, so I'm sure you can find utilities online to perform this task.

    Deciphering your password in this manner is the only way you'll be able to recover your account... short of remembering what you actually entered in when you made the account (and yes, I'm still sticking to the 'lost password' explanation).

    For certain architectural and performance reasons, deleting an account is not feasible, so making the name available again is not possible. I'll PM you your SHA1 hash if you're interested, but otherwise, consider it unrecoverable.
  • edited September 2009
    Thyth, I was poking around in the scripts area of T2 and happened to click onto Authentication Client/Options. A window gui appeared listing the username “Hbarr” and the passcode ********. It appears that both can be changed because a curser appears in the username box. Also the passcode is plainly displayed. There are no asterisks masking the letters, numbers, or other punctuation marks. It is the same password I have used since purchasing Tribes2. I did not change anything at this point, choosing to learn more about this window. Are you aware of this area and window? Is it possible to change the username, “Hbarr” currently listed, to “]-[barr”, the desired warrior name, and be authenticated after logging onto Tribes2? I admit I am reluctant to change anything for fear of loosing the “Hbarr” identity and left with searching for a new identity. I figured though I could pick your brain and feel a little better about proceeding.

    Oooooo, ouch! Apparently you were posting as I was writing this post and I missed reading your post until I posted. Hmmmm, is that understandable, hmmm. Well anyway I/m sorry to hear there is no way to clear the records of the “]-[barr” entry. I guess that was my last hope, but dose the above have a possibility? As far as breaking down the SHA1 hash I appreciate that but I think is it a little beyond my knowledge.
  • When you created the account, did you tell T2 to remember your account/password?

    If so, I would guess that maybe it was originally incorrect and now you are typing the correct password multiple times.

    In this case, try it WITH the caps lock on, and by varying different characters with nearby ones, etc. This cuts the pool of passwords you need to attempt to use when brute-forcing things.
  • edited September 2009
    teratos, Yes I suppose there is a possibility of that scenario because I did ask it to remember me. I have tried the caps lock on without success. I guess I will have to safe guard the "Hbarr" ID at all costs for ]-[barr will no longer exist to the world of T2. Not only that, but now my sparkly “H” avatar is endanger of becoming extinct. :-\ :'( :'( :'( :o
  • -
    -[barr link=topic=1530.msg16082#msg16082 date=1252266841]Not only that, but now my sparkly “H” avatar is endanger of becoming extinct. :-\ :'( :'( :'( :o

    Well, there are still 161 ways you can use [, ], and | to make an H, if you're willing to use - or -- for the crossbar. If you're willing to use (, ), {, and } also, your possibilities shoot up to 1249. I don't think you'll be running out of ways to make your sparkly H anytime soon.

  • Well, there are still 161 ways you can use [, ], and | to make an H, if you're willing to use - or -- for the crossbar. If you're willing to use (, ), {, and } also, your possibilities shoot up to 1249. I don't think you'll be running out of ways to make your sparkly H anytime soon.

    ;D ;D ;D Yippy!!!! :-* :-* :-* ::) :o
  • I'm always right; the password you were entering to log in was not the password you used when you registered the account.

    I was running diagnostics on a cluster, and decided to run your SHA1 through my distributed cracker for testing. It took about 2906 computer hours to brute force over the possible search space on a reasonably fast cluster (so, I'm not repeating for anyone else who loses their password).

    Join IRC if you want the password to this account, Hbarr.

    The only reason I did this is for absolute (and public) demonstration that the only way you lose access to an account is by losing the password. Let this be a lesson to anyone else who forgets their password: lose the password and you lose the account.
  • Well, I will now announce to the world of tribes how foolish thoughts and iron clad memory can lead one to embarrassment and remorseful action. I, in this thread, insisted that my logon password could not have been forgotten. After all, to my mind, it was the only password ever used since the beginning of Tribes2. I can not explain how or even why I would have changed the password to what is on record. The selection of remember my password more than likely precipitated and established my memory of the facts as I thought they were, but the fact is I changed the password. Thyth, after my constant insistence, took the trouble of deciphering the code to reveal the password. He was not obligated to do so nor should he be expected to furnish passwords that are lost or forgotten. I’m sure the difficulty and explanation I published in the above thread provoked him to carry out the task, if nothing more than to prove his position on password confidence. I am truly grateful to him for forcing the information from the code, and I humbly apologize for thinking my memory infallible. Thyth, I searched the web, high and low, granted it was a very short period of time that I conversed with you in the chat channel, for a picture to publish here but was unsuccessful. Please, close your eyes, and picture a young basset hound, tail firmly tucked between its loins, large sad brown eyes, head tilted slightly to the right, peering up into your face, and captioned “Thank you”.
  • epic thread
This discussion has been closed.