View Single Post
Old 05-28-2009, 11:36 AM  
Senior Member
Join Date: Feb 2006
Posts: 138

I'm aware of the "fix" - however having client fix a server generated error message isn't really an optimal behaviour :P

Another thing; the error message is really not explaining what is wrong..
Another example of weird error message is when client doesn't have ip added.. the error displayed then is "Invalid Password", even if there's a valid log entry. I suppose you could defend that one with avoiding attacks, but I'd love to have an option to use a more explaining error message.. I find it fairly unlikely that an attacker manages to get a valid username AND password without getting banned for hammering first...
pion is offline   Reply With Quote