Ian Clarke wrote: > Not a bad idea, anyone see any problems with it? It would be more secure to use a public key fingerprint instead of a password - that way we only need to worry about active MITM, not eavesdropping, and the ref can still be reasonably short (you could trade off security against convenience by using a shorter fingerprint - even 32 bits would be more secure than most passwords).
FWIW, Alliance refs are short base64 strings that seem to include the IP address, port number and some kind of authentication token. Pretty convenient for cutting and pasting. Cheers, Michael
