Is It Safe to Give Mojo My Password?

If you want to use Mojo to launch DAOC, you have to enter your account password into Mojo.

Many people are reluctant to do this. I understand that. I’d feel the same way.

Maybe the info on this page will set your mind at ease.

There are two questions:

Can Rob be trusted?

Mojo was first published in 2010. It has been in continuous use since then. At one time it had about 2,000 users. Now, eight years later, in 2018, it has about 1,000.

As far as I know, nobody has ever complained that Mojo stole a password.

Before Mojo there was HotkeyNet. I wrote HotkeyNet in 2005 but I forget what year I published it for the first time. I think 2007. HotkeyNet was written for World of Warcraft but people also used it in DAOC. At its peak, HotkeyNet had about 10,000 users, mostly WOW players. As far as I know, nobody ever complained that HotkeyNet stole a password.

I’ve been publishing this kind of stuff for eleven years, and as far as I know, zero complaints.

Is Mojo written in a way that keeps my passwords safe?

I’ve been a programmer for 35 years but I don’t specialize in encryption and security. Those areas are very tricky and hard to get right. So I said to myself, “Google hires brilliant programmers who are world-class experts in their fields. I’ll find out how Google stores passwords and I’ll do it exactly the same way in Mojo.”

I got Google Chrome’s source code (it’s open source) and studied how it stores passwords on Windows. Then I copied that method in Mojo. I’ll describe this method technically in the next section.

How Mojo Stores Passwords

As I said a moment ago, Mojo uses the same method as Google Chrome. (Well, it was the same method as Google Chrome in 2010. Maybe Chrome has changed. I don't know.)

When you type a DAOC password into Mojo and press Enter, Mojo immediately hands the password to the operating system and asks it to encrypt it with the CryptProtectData function, which is the Windows Data Protection API (DPAPI).

Mojo immediately nukes the memory that held the unencrypted password so it can’t be read by any malware that might be on your computer.

The operating system encrypts the password and gives the encrypted (unreadable) version back to Mojo. Mojo saves the encrypted (unreadable) version in your settings file.

Only the operating system can turn this encrypted version back into the password, and it will only do so for a program running under the same Windows user account you were logged into when you saved it. The key is derived from that account's logon credentials, so the blob is useless to anyone who copies your settings file to another machine, or who logs into your machine under a different account. The other side of that coin is that any program running under your account, including malware that has already got in as you, could ask Windows to decrypt it the same way Mojo does. This protects the password while it sits on disk; it is not protection against an account that is already compromised.

Here’s what an encrypted password looks like. I just copied this from my own settings file:

AQAAANDInd3BFdERjHoAwE/Cl+sBFFFFNuOuBo8NgUGN/aOTjz+jEAAAAAACAAAAAAAQZgAAAAEAACAAAAAkpr+aZGrYpOO0umFvplE7kWQe3PsUULooEGZm5TkeqwAAAAAOgAAAAAIAACAAAAD0wmMramixH5cQJZ5FCRPY46Kc9xTS+rQrfMAvbhq0SiAAAADlt3dr7/vhTb17RtrQRx6r2TguQHdEde8J7lQmx/eMqEAAAADBwfLu/2TFR5BDQczWdKoSiqZKg6WuBSZsHQz0seK6foIVPYEwV4nks1ILYLPOj1CoTLFyYavq2oMN2ja2gpnv

That is the binary blob CryptProtectData returned, stored as base64 text. Nobody can decrypt it except the operating system, and the operating system will do so only for a program running under my Windows account after I have logged in.

Later, when Mojo launches DAOC, it gives the encrypted (unreadable) password to the operating system and tells it, "Please decrypt this for me." Mojo uses the operating system's CryptUnprotectData function for this request. Because Mojo is running under your Windows user account, the same account you used to save the password, the operating system regards Mojo as your agent and gives it the decrypted password. (Launching Mojo as administrator is not what makes this work; an elevated program still runs under your user account, and that account is what DPAPI checks.) Mojo hands the password to DAOC and nukes the memory that was used when the operating system delivered the unencrypted password.

At no time does Mojo save a copy of the unencrypted (readable) password. Mojo does nothing with it except hand it to the OS when you save it and hand it to DAOC when you launch.
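Here is the same round trip written out, as an added example for this page; it is not Mojo's code, whose source is not shown here. It uses .NET's ProtectedData class, which calls the same CryptProtectData and CryptUnprotectData functions underneath, with CurrentUser scope and no extra entropy, which is the method the page describes. The settings file path and the sample password are made up for the demonstration. It runs on Windows only.

```powershell
# Added example (not Mojo's code): the DPAPI round trip the page describes,
# via .NET's ProtectedData, which wraps CryptProtectData / CryptUnprotectData.
# Windows only. The file path and password below are assumptions for the demo.
Add-Type -AssemblyName System.Security

# Hypothetical settings file; Mojo's real file name and layout are not on the page.
$settingsFile = Join-Path $env:TEMP 'dpapi-demo-settings.txt'

function Save-ProtectedSecret {
    param([string]$Plaintext, [string]$Path)
    $bytes = [System.Text.Encoding]::UTF8.GetBytes($Plaintext)
    try {
        # CurrentUser scope: only processes running under this Windows account
        # can decrypt the result. No optional entropy, as in Chrome's method.
        $blob = [System.Security.Cryptography.ProtectedData]::Protect(
            $bytes, $null, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
    } finally {
        # "Nuke" the plaintext buffer as soon as the OS has handed back ciphertext.
        [Array]::Clear($bytes, 0, $bytes.Length)
    }
    # The blob is binary; it is stored base64-encoded, which is why the saved
    # value shown on the page looks the way it does.
    [System.IO.File]::WriteAllText($Path, [Convert]::ToBase64String($blob))
}

function Read-ProtectedSecret {
    param([string]$Path)
    $blob  = [Convert]::FromBase64String([System.IO.File]::ReadAllText($Path))
    $bytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
        $blob, $null, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
    try {
        return [System.Text.Encoding]::UTF8.GetString($bytes)
    } finally {
        # Same treatment on the way out: clear the decrypted bytes once used.
        [Array]::Clear($bytes, 0, $bytes.Length)
    }
}

Save-ProtectedSecret -Plaintext 'correct horse battery staple' -Path $settingsFile

# 1. Same user account, any process: decryption works. This is the caveat to
#    keep in mind: DPAPI protects the file at rest, not against code that is
#    already running as you.
$recovered = Read-ProtectedSecret -Path $settingsFile
"Decrypted under $env:USERNAME : $recovered"

# 2. A different account (or the file copied to another machine) cannot decrypt
#    the blob, and neither can anyone who alters it: DPAPI blobs carry an
#    integrity check. Flip one byte to show the second case.
$tampered = [Convert]::FromBase64String([System.IO.File]::ReadAllText($settingsFile))
$tampered[$tampered.Length - 1] = $tampered[$tampered.Length - 1] -bxor 1
try {
    [System.Security.Cryptography.ProtectedData]::Unprotect(
        $tampered, $null, [System.Security.Cryptography.DataProtectionScope]::CurrentUser) | Out-Null
    "Unexpected: tampered blob decrypted"
} catch [System.Security.Cryptography.CryptographicException] {
    "Tampered blob rejected: $($_.Exception.Message)"
}

Remove-Item $settingsFile
```

Run it from any PowerShell prompt under your own account; no elevation is needed, which is the point made above about "as administrator". To see the other-account case for yourself, copy the demo file to a second Windows user on the same machine and run Read-ProtectedSecret there: it fails with the same CryptographicException as the tampered blob.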

Why does my antivirus program object to Mojo?

Antivirus (AV) programs object to Mojo because Mojo uses low-level programming techniques to manipulate DAOC. For example, Mojo adds options to DAOC’s system menu.

When AV programs see Mojo manipulating DAOC, they say to themselves, “This is what malware does — it manipulates other programs. I’m going to flag Mojo as malware.”

Mojo is manipulating DAOC for good reasons, not bad ones, but AV programs don’t know that. All they know is that Mojo is manipulating DAOC. To AV programs, that’s a red flag.

Because AV programs distrust Mojo, and because Mojo manipulates DAOC, if you launch DAOC with Mojo, the AV programs also distrust DAOC. This makes AV programs monitor everything DAOC does, and this can slow DAOC down, especially when it loads.

To prevent this slowdown, put both Mojo.exe and game.dll on your AV exclusion list. Bear in mind that an excluded file is one your AV will no longer scan at all, so only exclude copies you downloaded from the place you normally get Mojo, and exclude the two files by exact path rather than excluding a whole folder.
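For Microsoft Defender, the exclusion can be added from an elevated PowerShell prompt as below. This is an added example, not something from the page or from Mojo; the install paths are assumptions, and other AV products have their own settings screens for the same thing. The hash and signature checks before the exclusion are the "what exactly am I excluding" step a careful user would want.

```powershell
# Added example (not from the page): exclude Mojo.exe and game.dll from
# Microsoft Defender scanning, recording what was excluded first.
# Paths are assumptions; use wherever Mojo and DAOC are actually installed.
$files = @('C:\Mojo\Mojo.exe', 'C:\Mojo\game.dll')

foreach ($f in $files) {
    if (-not (Test-Path $f)) { throw "Not found: $f" }
    # Record the hash of what you are excluding. If it changes later, the file
    # was replaced and the exclusion deserves a second look.
    $h = Get-FileHash -Path $f -Algorithm SHA256
    "{0}  {1}" -f $h.Hash, $f
    # Authenticode status: 'Valid' is reassuring; 'NotSigned' is a reason to be
    # careful about where the file came from, not by itself a reason to refuse.
    "{0}  signature: {1}" -f $f, (Get-AuthenticodeSignature $f).Status
}

# Exclude by exact file path, not by directory, so the exclusion is as narrow
# as possible. Add-MpPreference needs an elevated prompt.
Add-MpPreference -ExclusionPath $files

# Confirm the exclusions took effect.
(Get-MpPreference).ExclusionPath
```

If you later uninstall Mojo, remove the entries again with Remove-MpPreference -ExclusionPath, passing the same paths.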

This page was first published on February 2, 2018 and last modified on February 3, 2018