Re: Prevent password reversing.
« Reply #2 on: June 15, 2015, 10:41:23 PM »
Please don't confuse the two terms encryption and hash. I know that StarCraft uses a broken version of SHA-1, which is known as XSHA-1, but I don't know about WarCraft 2 so I'll assume that they both use XSHA-1 for the rest of this post.
XSHA-1 hashes can be reversed and based on the allowed characters for passwords, the original password can be deduced. After deducing the original password, just handle it as any other modern server would.
You can also just use some combination of multiple rounds of SHA-2 and salt on the XSHA-1 hashes themselves.