Skip Login Window

Hi,
everytime when I run Unity, it pops up the login window and ask for email address and password.
How can skip this window, and get into work offline straight away?

 

Your best bet is to use the "Work Offline" button.


Just want to note, if I want to avoid the login screen, you should sign in at least once. On some occasions, the login window would come back (for me this happened rarely, but not a problem)

 

Login window comes back virtually every time I run Unity. "Remember Me" option does literally NOTHING and is rare case for celebration when the window actually DOESN'T come back.

Seriously, is it so hard to save login details to some text file and then transmit it to Unity's servers each time Unity is ran? Even Steam doesn't have such issues.

Here, in pseudo C# code:

Code (csharp):

1. void onLoginClick(){
2. if (rememberme.checked){
3. TextFile logindetails = new TextFile("%appdata%/unity/logindetails");
4. logindetails.rewrite();
5. logindetails.writeline(email.text);
6. logindetails.writeline(password.text);
7. } else {
8. if (fileexist("%appdata%/unity/logindetails")){
9. deletefile("%appdata%/unity/logindetails");
10. }
11. }
12. TryLogin(email.text,password.text);
13. }
14.  
15. void onLoginLoad(){
16. if (fileexist("%appdata%/unity/logindetails")){
17. TextFile logindetails = new TextFile("%appdata%/unity/logindetails");
18. logindetails.openforreading();
19. email.text = logindetails.readline();
20. password.text = logindetails.readline();
21. TryLogin(email.text,password.text);
22. }
23. }
24.  

Problem Solved.

 

If by "problem solved" you mean "password written to hard drive in plain text for anyone or anything to read" then yeah, sure.

This is exactly why you shouldn't reuse passwords for anything important. Someone will do this with one of your passwords somewhere, and then someone else will get access to it*, and then your password is out in the wild...

* Because if they're this insecure then they're also a really easy target.

 

Then don't click "remember me" on shared computers? Also, friendly reminder, if someone else has physical access to your computer, it isn't your computer anymore.

 

I guess some of you guys are unlucky because everything works fine for me
...like when CryEngine launcher didn't work for me

Just remember that computer files can be acquired remotely as well, so you don't have to be physically there.

 

It's pseudo code. The final version would probably be more...

 

You're giving an example for Windows. It isn't like someone couldn't just hack into it remotely.

 

This has nothing to do with what I'm talking about.

First: Any software running on your computer has access to those plain text files, and potentially other files with important information as well. It only takes one piece to be dodgy or have a vulnerability.

Second: The server you're logging into also needs to have something to check your username and password against. I dearly hope they're doing something more secure than just storing them all in plain text...

 

You don't store the password you store a token which proves you knew the password at some time. Typically such a token will have an expiry date, and its been generated using a secret from the hosting server (or stored on the hosting server) and thus not transferable.

It's still a pretty simple implementation.

For me Unity's mostly works, although it still has more issues than any other similar application or web site I use.

EDIT: For more security (i.e. a basic level) you wouldn't actually send the token either. You would instead use the token as the encryption key for some kind of MAC/HMAC on your requests.

EDIT: Why am I rambling on about basic security...

 

Partly because it's fun, and partly because it's something people should in fact really be informed about?

You're right, it is a simple enough implementation. The problem isn't that it's hard. It's that too many people don't even think about it.

 

after using reg shot to track down the setting i wrote this powershell script that needs to be run by the user launching unity as it's a HKCU reg key

#get user
$userad = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
$user = $userad.Split("\")[1]

#find user SID
$sid = WHOAMI /USER /FO LIST
$hku = $sid[5].Split(":")[1].trim()
#map psdrive to hkey user
New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS

#set hkey current user reg
set-ItemProperty -Path "HKU:\$hku\Software\Unity Technologies\Unity Editor 5.x" -Name "UnityConnectWorkOffline_h1193624900" -Value "1" -Force

Remove-PSDrive -Name HKU