Comment by rubendev

Comment by rubendev 8 days ago

1 reply

View on Hacker News

If the program has access to the credential, and the program is running on your computer, you also have access to the credential no matter how they try to obfuscate it.

What the game dev is supposed to do is have an account system on their backend, and ask the player to enter their credentials in the game. The game can then identify itself as this player to the backend servers. That way any actions on the backend can be attributed to a particular player and you have a good basis to make security decisions on.