TeamSpeak 2 (and many other systems) use a username/password based authentication system. Each user is identified by a unique username but must also supply the correct password to be able to claim the username and permissions associated with it. TeamSpeak 3 uses a public/private key authentication system. It basically creates an "identity" file on its first start-up which contains a public and a private key, when connecting to a server it sends the public key and proves through a cryptographic protocol that it also must have the matching private key (without actually sending the private key). If you are having problems understanding this concept think of the public key as a randomly generated user name (which is guaranteed to be unique in the whole world due to its length), and the private key as kind of password but wrapped in some clever math to avoid to ever having to send the actual private key to the server.
Username/Password Authentication
+ Since you picked the username and password you will hopefully be able to memorize this data. This allows you to access your account from anywhere in the world, using the information stored in your head to pass authentication and hence gain access to your privileges.
+ Username/password authentication is the most used authentication scheme out there so users should have an easier time understanding the concept.
+ Since username/password authentication is the most used authentication scheme out there it might be easier to integrate existing user bases that already use username/password authentication into TeamSpeak. Here is a thread explaining how to do it with TS3: http://forum.teamspeak.com/showthread.php?t=56435
- Passwords chosen are often weak and/or used in other places. One compromised password of a server admin is usually enough to totally ruin the gaming experience of all members of the affected TeamSpeak server for a couple of days. This issue is especially true for TeamSpeak because:
- It's "just for gaming", many people don't give a second thought about choosing a strong password. Try to make sure that the password isn't one that you commonly use to increase your server security.
Public/Private Key Authentication
+ Since public and private keys are generated randomly (and are much longer than the usual username or password) they are virtually impossible to get at, they contain no pattern that can be exploited and the length prohibits any brute force attack (try all possible keys). Even eaves dropping onto a client as he connects to a server (man in the middle attack) will NOT gain you any insight.
+As there is no need to manually pick a username and password the whole registration step of username/password based systems is no longer necessary. This makes the system easier and more intuitive to use as you just connect and the server automatically recognizes you.
- If you want to use your account from a different computer or after reinstalling your computer remember to export your public+private key first so as not to lose your details.
Conclusion:
TeamSpeak 3 uses state of the art cryptography for authentication, making a huge leap security wise as compared with TeamSpeak 2. There are some minor hassles when switching computers (export identity) but this is a task most users will not need to do at all and is no big deal usually even when this is forgotten.
Comments
0 comments
Please sign in to leave a comment.