private boolean validatePassword(String password) { if (!Util.isDigit(password)) { return false; } if ((password.length() < 6) || (password.length() > 8)) { return false; } return !SecondaryAuthData.getInstance().isForbiddenPassword(password); }
public boolean checkPassword(String password, boolean skipAuth) { password = cryptPassword(password); if (!password.equals(_password)) { _wrongAttempts++; if (_wrongAttempts < SecondaryAuthData.getInstance().getMaxAttempts()) { _activeClient.sendPacket( new Ex2ndPasswordVerify(Ex2ndPasswordVerify.PASSWORD_WRONG, _wrongAttempts)); insertWrongAttempt(_wrongAttempts); } else { LoginServerThread.getInstance() .sendTempBan( _activeClient.getAccountName(), _activeClient.getConnectionAddress().getHostAddress(), SecondaryAuthData.getInstance().getBanTime()); LoginServerThread.getInstance() .sendMail( _activeClient.getAccountName(), "SATempBan", _activeClient.getConnectionAddress().getHostAddress(), Integer.toString(SecondaryAuthData.getInstance().getMaxAttempts()), Long.toString(SecondaryAuthData.getInstance().getBanTime()), SecondaryAuthData.getInstance().getRecoveryLink()); _log.warning( _activeClient.getAccountName() + " - (" + _activeClient.getConnectionAddress().getHostAddress() + ") has inputted the wrong password " + _wrongAttempts + " times in row."); insertWrongAttempt(0); _activeClient.close( new Ex2ndPasswordVerify( Ex2ndPasswordVerify.PASSWORD_BAN, SecondaryAuthData.getInstance().getMaxAttempts())); } return false; } if (!skipAuth) { _authed = true; _activeClient.sendPacket( new Ex2ndPasswordVerify(Ex2ndPasswordVerify.PASSWORD_OK, _wrongAttempts)); } insertWrongAttempt(0); return true; }