Both privacy and transparency are extremely important to me. I want to make the following completely clear:
- Passwords are stored in a hashed format that I cannot read. Passwords can be overriden by myself, if I ever need to do so for some reason, without knowing what the actual user password is - I have neither the need nor the desire to know users' passwords.
- When using a command that involves passwords (logging in, setting password on character creation, changing a password), the actual password is not logged in the commandlog.
- Tells (private direct OOC messages from one user to another) are not actively monitored, but they are logged in the commandlog along with everything else, and may be searched through in cases of reported harassment or possible bug/mechanics abuse.
- User IP addresses are logged in a hashed format to help connect alts for alt restrictions, as well as to help identify spambots, trolls, and other disruptive users who may try to simply switch to a new character after being punished or banned. As the addresses are hashed, a user's actual IP address can't be determined unless compared against known hashed addresses (MudConnect's IP address and a list of known spammer addresses, in this case).
- ALL commands are logged. The only semi-exceptions are commands regarding passwords (see the second bullet point of this list).
- Email addresses (optionally provided by users for certain alert features) will not be given out to anyone for any reason.
- Any active GM monitoring of users tends to halt if ERP (Erotic RolePlay) starts up. It still goes to the logfiles with everything else, however, so please keep that in mind.
All the above said ...
- This is all essentially on my honor. While I give my word that I will honor all of the above, I'm just some guy running a server, not some registered business or organization that has all sorts of accountability measures in place. If there are any trust issues, users are encouraged to simply not provide or communicate any sensitive information while connected to the game.
- Consider using unique passwords for your account here, rather than re-using passwords you use for other services. It's worth the peace of mind for everyone.
- It's possible to typo a password command, and then have the commandlog log the whole thing in plaintext. If a user uses an incorrect login/password command that includes their password, the system won't know to omit the sensitive information.
- If there is a desire to have a private conversation between users without my having any chance of seeing it, please use a third-party instant messenger, email, or any other communication method outside of the game.
- While I really don't see it happening, it's possible I could be subpoenaed for information by the government. I'd resist, because I'm a huge privacy advocate, but I'm not going to jail over any of this if things get ugly.
- Just don't provide or communicate any sensitive information via the game. It is by no means a secure private communication medium.