This wiki is archived and useful information is being migrated to the main bzflag.org website
Editing Master-ChildAccountSystem
Warning: The database has been locked for maintenance, so you will not be able to save your edits right now. You may wish to copy and paste your text into a text file and save it for later.
The administrator who locked it offered this explanation: Archived wiki
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 35: | Line 35: | ||
===Specifics=== | ===Specifics=== | ||
− | # Child accounts should never be able to set a password, they must always use | + | # Child accounts should never be able to set a password, they must always use a randomly generated password from the site for enhanced security against weak passwords. |
# A separate table would need to store a record that stored the data from every master user that created a child account. This includes the Child account name, date, IP address used, and a flag indicting that the user checked the "I agree" checkbox on the new child account form. This table is the proof that the user is agreeing to let us store the data for the child. | # A separate table would need to store a record that stored the data from every master user that created a child account. This includes the Child account name, date, IP address used, and a flag indicting that the user checked the "I agree" checkbox on the new child account form. This table is the proof that the user is agreeing to let us store the data for the child. | ||
# The current PHPBB system will need to be modified to check the child account list when creating new accounts to know what names are invalid. | # The current PHPBB system will need to be modified to check the child account list when creating new accounts to know what names are invalid. | ||
− | # Child accounts should not be allowed to login to webauth and only be allowed to authenticate in game | + | # Child accounts should not be allowed to login to webauth and only be allowed to authenticate in game. |
# Child accounts should be added to a special "group" on the list server to identify them as child accounts. This will let servers know if the account is a child and they can set permissions appropriately. | # Child accounts should be added to a special "group" on the list server to identify them as child accounts. This will let servers know if the account is a child and they can set permissions appropriately. | ||
# A method should exist for converting a child account to a master account with the master account's permission. This can be used when a child turns 13 and is capable of maintaining their own account. The master account would be asked to agree to a set of terms that state that the new user is of age. | # A method should exist for converting a child account to a master account with the master account's permission. This can be used when a child turns 13 and is capable of maintaining their own account. The master account would be asked to agree to a set of terms that state that the new user is of age. |