Poor Poor Credentials

My account, naelstrof, is constantly denied access despite me entering the correct password. I ended up making a new account, named nael, (making me a smurf) which now even the new account is denying access. It's been a while since I've played, but I'm pretty damn sure my universal password hasn't changed.

I would really appreciate if I didn't have to make yet another account just because I want to pick the game up again, would someone kindly delete my naelstrof account so I can properly recreate it and write down my credentials?

Thanks for any help.


  • Oh, and I forgot to mention. I did try to contact Thyth in the IRC server, but the server wouldn't let me connect as it thought I was a bot.

    I feel like I'm sacrificing a lot of my time and happiness for all this nearly useless security.
  • ThythThyth Apotheosis Incarnate
    I see your two accounts were both created some time ago: naelstrof at 2012-05-13 02:00:03, and nael at 2012-09-23 23:03:20.

    Two questions:
    1) Were you able to play with these accounts at all after you created them?
    2) Have you reinstalled the game between the creation of the account and now?
  • Thanks for your quick response! I couldn't play at all with the naelstrof account, which led me to using an account made by my friend (which I've forgotten the credentials for entirely). Eventually I made the nael account which worked properly, but since then I've gotten a new computer so I had to reinstall tribes 2.

    So to answer your questions:
    1) Yes, only nael.
    2) Yes.
  • ThythThyth Apotheosis Incarnate
    The first "login" on a new computer involves a slightly different process from subsequent logins. On this first login, you do an "account retrieval", which opens a network connection to the account server, does a password negotiation, and if the hash matches the value stored by the account server, it sends over account certificate blobs (public and encrypted prviate).

    On all subsequent logins, it's a fully offline process -- no network connection is required, the previously downloaded private certificate blob for the account is decrypted with the user entered password.

    Unfortunately, the error messages/handling in the download process are non-specific to the source of the problem. If the account server is offline/unreachable, the UI will show the same error as if an unknown username/incorrect password was entered. This was addressed in the code base, but, we haven't actually pushed a new patch version in almost 4 years. It's possible (especially if you're having IRC connectivity difficulties), that something is also interfering with the communication process to the account server.

    If you open the new account creation wizard, the first page should attempt to connect to the account server, and will show green "online" or red "offline" message, which should be helpful (but is not always conclusive) in identifying network issues.

    If you haven't formatted your old computer, you can also manually copy the account certificate blob storage files from your old installation to your new one. They are the public.store and private.store files stored in Tribes2\GameData.
  • I see, unfortunately I was unaware of the delicacies of the login system and as such I do not have access to the old files at all.
    I do in fact have a green online message for the account server though, but it seems as though you cannot do much for my lost account issue.

    I'll just make another account, and save the relevant files for retrieval somewhere. Thanks for your help.
  • ThythThyth Apotheosis Incarnate
    I could pull out and send you the relevant blobs from the account server database, but, ultimately, since the correct password is still required to actually use them, it's not clear that it would be helpful to you. The account system has been intentionally designed so that I can't see user passwords on the system.

    I'm forever skeptical of "I swear I entered the right password" claims, though, regardless of how insistent they are. I did run a brute force several years ago for a user who was absolutely certain he used a specific password for his account. I was testing a new high performance computing cluster, figured "why not?", and since the password was under 9 characters, I was able to recover it. As it turned out: the user used a different password than they thought. The thread: http://www.tribesnext.com/forum/index.php?topic=1530.0
  • That's completely understandable, thanks for your help!
  • That's completely understandable, thanks for your help!

    Just a random note but I did notice on a Windows 8 machine I had the same types of problems. Pretty much the same configuration I had back on XP software wise, anti-virus and all that. I copied the credentials over from my old machine and was able to log in after that but there very well was simply a problem with a firewall or something. I just haven't actually investigated it as Windows 8 drove me up a wall and I switched to Linux, running everything in virtual machines.
Sign In or Register to comment.