Jump to content

Unable to log in. Client requesting password but google not autopopulating password.

Mac Mcleod

By Mac Mcleod
in Discussion

 Share

Recommended Posts

Mac Mcleod Potter

Mac Mcleod

Posted
Posted

This started without warning.  I'm signed in to the site and my password autopopulates here but it will not populate the password field on the game.
Anyone else seeing this / have a fix?

FatherMcGnutty Stone Age Settler

FatherMcGnutty

Posted
Posted
1 hour ago, traugdor said:

I'm going out on a limb here, but I'm guessing it's because the game is a standalone thing and not tied to the common ways that google autopopulates your password like it does in web browsers.

This. The Vintage Story launcher is not integrated with any sort of Google or Microsoft software, thus it will not be able to access any password save information from your Google apps. Also, you are only allowed to be logged into the client on one device at a time, so if you want to switch around to play on different computers you'll need to input your password every time. This being the case, I strongly suggest developing a habit of memorising, or at least writing down somewhere, your password.

Mac Mcleod Potter

Mac Mcleod

Posted
  • Author
Posted
11 hours ago, Mac Mcleod said:

This started without warning.  I'm signed in to the site and my password autopopulates here but it will not populate the password field on the game.
Anyone else seeing this / have a fix?

It has literally worked for the last 5 months and just suddenly stopped working sometime since last wednesday.

It looks like I have to say I forgot my password *again*, then copy the changed password, and paste it into the game *tomorrow* so I can play again.

Steel General Bronze Caster

Steel General

Posted
Posted

I've had the game forget my credentials with seemingly no excuse - no update, reboot, crash, or anything else to explain it. I've imagined maybe a certificate expired. Aside from that occasional weirdness, it ought just keep your information from the last use and go from startup to start menu without any interaction necessary.

For a secure password you can remember, just pick a series of words you can remember, add some punctuation, and trade a couple letters for numbers. E.g.: T33nage?Mutant!NinjaTurtles is a very secure password (or was, until just now :P ), and very easy to remember since it's just four words with slight modification. It's no easier for a computer to crack than any other 27 characters that include letters, numbers, and punctuation.

  • Like 1
Moltrey Potter

Moltrey

Posted
Posted (edited)

I am not sure what parts of Google passwords you all refer to here, but my Google Password Manager keeps two accounts with associated (and different) passwords for Vintage Story.

They are under vintagestory.at in the GPM list; one is 'account.vintagestory.at', the second is 'www.vintagestory.at'.

Edited by Moltrey
Teh Pizza Lady Steel Worker

Teh Pizza Lady

Posted
Posted
8 hours ago, Steel General said:

For a secure password you can remember, just pick a series of words you can remember, add some punctuation, and trade a couple letters for numbers. E.g.: T33nage?Mutant!NinjaTurtles is a very secure password (or was, until just now :P ), and very easy to remember since it's just four words with slight modification. It's no easier for a computer to crack than any other 27 characters that include letters, numbers, and punctuation.

Or just download KeePass and never forget another password ever again.

Mac Mcleod Potter

Mac Mcleod

Posted
  • Author
Posted
8 hours ago, Steel General said:

I've had the game forget my credentials with seemingly no excuse - no update, reboot, crash, or anything else to explain it. I've imagined maybe a certificate expired. Aside from that occasional weirdness, it ought just keep your information from the last use and go from startup to start menu without any interaction necessary.

For a secure password you can remember, just pick a series of words you can remember, add some punctuation, and trade a couple letters for numbers. E.g.: T33nage?Mutant!NinjaTurtles is a very secure password (or was, until just now :P ), and very easy to remember since it's just four words with slight modification. It's no easier for a computer to crack than any other 27 characters that include letters, numbers, and punctuation.

I would suggest adding 1 or 2 numbers to that.   Mutant!NinjaTurtles lacks numbers.  Also, some sites require special characters and then disallow the bang (!) / exclaimation.

One challenge  I also have here is that VS has done variants of this three times now in only 8 months.  Which has burned through every stable password pattern I had.

So now, yup, I changed it *AGAIN* this morning, WROTE THE NEW PASSWORD DOWN in 1" high letters and stuck it on the wall beside the computer.  And it's not a hyper secure randomized 32 character mixture of cases, special characters, and numbers this time but a new 4th stable secure pattern.

And this also happened to the guy I was playing with regularly a few days ago too apparently.

 



 

Mac Mcleod Potter

Mac Mcleod

Posted
  • Author
Posted
6 minutes ago, traugdor said:

Or just download KeePass and never forget another password ever again.

Thank you for suggesting that.  I had not heard of it.  However I find  this when I ask:

🔐 Key Security Risks of Using KeePass

1. Local File Vulnerability

  • KeePass stores the database locally (usually .kdbx), encrypted with a master password.

  • If the device is compromised (e.g. malware, physical theft), the encrypted file can be brute-forced if the master password is weak.

2. Master Password Risk

  • A weak master password makes the entire database vulnerable to dictionary or brute-force attacks.

  • KeePass does not enforce strong master passwords by default.

3. Clipboard Leakage

  • Copying passwords to the clipboard can expose them to:

    • Malware that monitors clipboard data.

    • Other local users (on shared systems).

  • KeePass clears the clipboard after a configurable timeout, but it's still a risk window.

4. Plugin/Extension Risk

  • KeePass supports many community-developed plugins.

  • Malicious or poorly maintained plugins could compromise security (e.g., logging keystrokes or leaking data).

5. Auto-Type Vulnerabilities

  • KeePass’s Auto-Type feature sends keystrokes to active windows.

  • This can be hijacked by:

    • Fake windows or focus-stealing malware.

    • Insecure window focus logic (especially on Windows).

6. No Cloud Sync by Default

  • Users often sync the KeePass database via third-party cloud services (e.g. Dropbox, Google Drive).

  • This exposes the encrypted file to the cloud provider, who could be compelled or compromised.

7. Insecure Configuration

  • Examples:

    • Not enabling secure desktop entry for master password.

    • Disabling clipboard clearing.

    • Using unencrypted XML exports.

8. Side-Channel Attacks

  • Not specific to KeePass (note this will get my google manager too), but any desktop password manager can be affected by:

    • Memory scraping attacks.

    • UI automation attacks.

    • Keyloggers.

Broccoli Clock Steel Worker

Broccoli Clock

Posted
Posted

Password vaults are not a panacea, but I certainly recommend them. I actually have KeePass installed locally, although I don't actually use it as I have LastPass as a browser extension. Is LastPass the most secure? Nope. Am I lazy enough to put up with the minimal risk? Yes. Have I used it for nigh on a decade? Yes. Have I ever been informed (or noticed) an account being hacked? No.

As the username/password is the same as the client area, and I needed to log in to download the game, the details are already in LastPass, but it's a browser extension so it's never going to automatically log me into a (non-browser) application. The same is true for KeePass. The only way for it to work is for the application devs to intentionally build this in.

 

Teh Pizza Lady Steel Worker

Teh Pizza Lady

Posted
Posted
21 hours ago, Mac Mcleod said:

Thank you for suggesting that.  I had not heard of it.  However I find  this when I ask:

🔐 Key Security Risks of Using KeePass

literally any password solution that doesn't use some sort of system in your own head is vulnerable to all of these. If you're playing Vintage Story in a location where *any* of these matter or even apply, then literally stop using that computer and get out of North Korea.

Teh Pizza Lady Steel Worker

Teh Pizza Lady

Posted
Posted (edited)

The better solution is to use a password pattern that is easy for you to remember.

mine is ColorSiteObject

Color = a color from the login page
Site = a shortened version of the site
Object = a random object on my desk

So an example for this site could be:

color = green from the header bar for Anego Studios
site = vsforums
object = chair 'cause i'm sitting in it.

Password could then be:

Gr33nvsf0rumsCH@!r    ((OBVIOUSLY THIS IS NOT MY PASSWORD))

image.thumb.png.05fa8771ac43379d1dec5ce1013e5b9e.png

I'll take my chances on this on ^^

Edited by traugdor
  • Like 2
Thorfinn Historian

Thorfinn

Posted
Posted (edited)
3 hours ago, traugdor said:

mine is ColorSiteObject

I use the same system, but since I am colorblind, it's always "grey". ;) 

Seriously, I do much the same, but many have the same easy to remember string fluffed up by other conditions. Something like "Bttdoahwnn," or "Iahitglah." or "Dnlafhdh!", which are, of course, "Been through the desert on a horse with no name,", "In a hole in the ground lived a hobbit." and "Doggone near lost a four hundred dollar handcar!" But, of course, those are now compromised. And too long for most password systems anyway.

The rest of the password is constructed similarly. Not those exactly, but much like them.

[EDIT]

The same site gave my PW here 93 trillion years. Which is way stronger than I care about.

Edited by Thorfinn
CageyLobster Wolf Bait

CageyLobster

Posted
Posted

Did Windows change any folders to a read only state? Could this prevent a file from being populated with your password and have the ability to write it?  I am uneducated in these matters and this is my W.A.G.

  • 2 weeks later...
Mac Mcleod Potter

Mac Mcleod

Posted
  • Author
Posted
On 6/12/2025 at 4:13 PM, traugdor said:

for additional reading:

https://xkcd.com/936/?correct=horse&battery=staple

Fortunately, no one wants to use a $5 wrench to get me to reveal my password to vintage story.

And it's ironic because we were breaking shared secret shard passwords (aka Shamir's invention) today and xkcd came up the same way.

In any case, I wanted to report there was an issue (that's affecting multiple players) that suddenly started.   
And to find out if maybe someone had a quick fix for the problem.

But it did cost me two days of play.   And by then I did start another game during those two days that I've been playing since.  And now the self-referential coded password is properly written down and pinned to the wall next to my computer.
 

Thorfinn Historian

Thorfinn

Posted
Posted (edited)

Weirdly enough, when I downloaded 1.21, Windows did populate my PW. It never has done so before.

[EDIT]

Then again, I had never downloaded 1.21 before.

Edited by Thorfinn
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.