Big issue to which i think i have an answer to

Comments

7 comments

  • Sir Obsidian

    If people wasen't logging tokens they would be logging your passwords & emails.
    The token system is created as a login / authentication system. Without Tokens (for users or bots) The only way to login would be via username and password.
    Your idea isn't completely ridiculous, but it is still kinda dumb.

    1
  • DarkCheese_

    I dont know ANYONE who uses tokens to login. Noone should be able to login using tokens as its just dum, username and password is how people have logged in using for centuries its too late to change now from 2 strings to 1 string of text. 

    1
  • DarkCheese_

    yes most services do use these tokens.

    But most services refreshes the tokens everytime you launch, even minececraft refreshes the token when you launch, everytime.

    1
  • Sir Obsidian

    Actually most services use tokens or similar things. Minecraft uses their own accessToken thing.
    The idea of using tokens has been around of years probably. Or longer. As its one of the best ways for authentication. Logging in using email and password retrieves your token for you to be able to use the service in the first place.

    0
  • PickleArmy

    You're both right, but I'm going to agree on Dark's last message, the tokens should refresh every time if they don't. I don't use my token so I don't know if they do or not.

    0
  • Sir Obsidian

    PickleArmy, tokens refresh everytime you change your password. 
    If Discord were to do anything about token logging they would have to change everything on how the gateway (user accounts) use work.

    0
  • DarkCheese_

    Everyone knows it refreshes everytime you change your password, but i wont change my password every time i launch discord, Discord should refresh everytime you launch it to prevent token logging.

    0

Please sign in to leave a comment.