Status Check: Password Security


RNilsson
12-12-2003, 02:02
I've read up on some of the old threads dealing with passwords and security.

I'm just curious about how/what is being done to increase the security of stored passwords, maybe using md5 to hash the password to make it non-plaintext.

I've got the sqlite db-file ironed out (so I can sync my members' passwords from our member-db to the ts-db), but am fairly opposed to storing our members' passwords in my db as plaintext. (They are currently stored as md5-hashes).

Anyways, as php5 has native sqlite support, it'd be fairly easy to make a php-api, class or whatever to work the ts sqlite-db entirely or in part from within the current clan-pages for instance.

Have a great holiday.

Peter
12-12-2003, 11:04
Well,

TeamSpeak supports MySQL too, just wait for the upcoming server release (b50), all should be explained there.
Password security:
Saved in Client Configfile -> obfuscated.
Transmitted over network -> cleartext
Saved in serverdb -> cleartext.

For the final we want to have it like this:

Saved in Client Configfile -> Hash
Transmitted over network -> encrypted
Saved in serverdb -> hash

RNilsson
12-12-2003, 11:26
My TS-box is running on a linux-router without any other services than ts and routing.

I've put in place a copy of the php-cgi inside my homedir, and made a php-script that cron's every hour the usernames and passwords from my clan's mysql-server (Actually, it reads a csv-file I generate with every change in the member-roster on the clan-site, but that's a different story).

I'm just not so happy with having the passwords in plain-text, but if it is planned for the final release, then it's good.

A hash like the md5 exists in every (?) scripting language and would be a good yet simple solution for the final product...

Anyways, the current dirty-hack I have in place works, but is not very secure.
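
The "Saved in serverdb -> hash" goal from Peter's post and the hashing suggestion above, sketched as an added example that is not part of the original thread and is not TeamSpeak code. It assumes a hypothetical `accounts` table in SQLite and swaps the bare md5 mentioned in the thread for salted PBKDF2-SHA256 from the Python standard library, so two members with the same password do not end up with the same stored value.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 200_000  # assumed work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a salted, deliberately slow hash; only this value is stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def open_db() -> sqlite3.Connection:
    # Hypothetical table for illustration; not the TeamSpeak server schema.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (name TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    return db


def set_password(db: sqlite3.Connection, name: str, password: str) -> None:
    salt = os.urandom(16)  # fresh random salt per account
    db.execute("INSERT OR REPLACE INTO accounts VALUES (?, ?, ?)",
               (name, salt, hash_password(password, salt)))


def stored_values(db: sqlite3.Connection, name: str):
    """Return (salt, pw_hash) as they sit in the database, or None."""
    return db.execute("SELECT salt, pw_hash FROM accounts WHERE name = ?",
                      (name,)).fetchone()


def check_password(db: sqlite3.Connection, name: str, attempt: str) -> bool:
    row = stored_values(db, name)
    if row is None:
        # Unknown name: still do the hashing work so response time is similar.
        hash_password(attempt, b"\x00" * 16)
        return False
    salt, stored = row
    # Constant-time comparison of the stored hash and the recomputed one.
    return hmac.compare_digest(stored, hash_password(attempt, salt))


if __name__ == "__main__":
    db = open_db()
    set_password(db, "member1", "correct horse")  # constructed sample account
    print(check_password(db, "member1", "correct horse"))
    print(check_password(db, "member1", "wrong guess"))
```
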

Dummer Sack
12-12-2003, 11:41
It is not a good idea to manipulate the db file directly if there is another way.

If you want to change passwords via a script better use the TCPQueryPort.
This way you are always compatible with any hash the TS team may choose.
Also you will not have any problems if there is any caching in place for the DB.

RNilsson
12-12-2003, 11:46
Yes, I have looked at that option as well, but it was easier to make a quick sync of the current userbase this way.

One way to safely do the sync is to stop the server, sync, and start the server again.

Vesseli_Zeitsev
12-12-2003, 21:34
Hello,
just got teamspeak... hooked up headset and mic. Really just want to use for bf 1942 but am asked for the password??
Where do I get the passwords to play games??

Dummer Sack
12-12-2003, 21:39
Hey man you are in the suggestion forum.

You don't need a password to play games with TS. In fact TS is independent from the games. It just runs parallel.
You have to connect to a TS server though. Some servers require a password, some don't.
On voice.teamspeak.org you can connect without a password.

Please read the client manual that is available under the Help menu of TS.