.gif%3Falt%3Dmedia%26token%3Dccc4fdb1-01ba-468b-b2ab-4239e9d54fc5)
.gif%3Falt%3Dmedia%26token%3Dccc4fdb1-01ba-468b-b2ab-4239e9d54fc5)
password
description of the Good Knight /password-manage and /password-reset commands
Never share your Good Knight password with anyone!
Never post your password ANYWHERE within discord, even in DMs
Only use your password when executing a Good Knight command
Good Knight will never unexpectedly ask for your password
/password-manage/password-reset <@user>Set, edit, and reset passwords & tokens
This command allows the server owner, Good Knight admin, and Good Knight mods to set their password and one-time token, depending if the server requires a password, one-time token, or 2FA. The user's password/token is used to access most of the Good Knight commands.
- Passwords & tokens are user-specific — you will never have to share passwords & tokens to obtain Good Knight access
- Passwords & tokens are server-specific — if you're a Good Knight mod in multiple servers, you can set a different password & token in each
- Passwords are one-way hashed — your password can never be leaked, even if a hacker breaches our database. See Is My Password Safe? for more info
- Accounts lock after 3 failed password attempts — only the server owner can unlock the account by resetting their password
- Tokens are one-time use — your token changes every 30 seconds and can only be accessed through your authenticator app. See Is My Password Safe? for more info
- Tokens are usable with any authenticator app — Good Knight supports authenticator apps like Google Authenticator, Microsoft Authenticator, and Authy
Remember to keep your Good Knight password & token safe! It's your last line of defense against any hacker. Never post your password or token anywhere within discord and never provide it to any user or bot, unless it's the result of a Good Knight command that you initiated. The Good Knight will never unexpectedly ask you for your password or token. If your account is compromised, the hacker will be able to see your messages, DMs, and even slash command inputs. This is why the Good Knight modals (pop-up boxes) are the ONLY way info can be hidden from a hacker that has compromised your account⚠
The password command gives you access to several options based on your current status and permissions
Set Password
Change Password
Reset Password
Before using any protected Good Knight commands, you will be required to set a password and/or token. You will follow this process the first time you use
/password-manage after being given access to the bot or if your password & token were reset. Password:
If your server requires a password or 2FA, the password must follow these complexity rules:
�� do not use your discord password!
⚠
After you execute the
/password-manage command, you will be presented with this pop-up to set your new Good Knight password
Timed One-Time Token:
If your server requires a one-time token or 2FA, you will need to register your secret key with an authenticator app:
You have two options to register with your authenticator app, either through a QR code or directly from the secret key.
After following the secret key registration options, click
Verify and enter your timed one-time token to confirm that you're set!
QR codes can be dangerous! This is the ONLY time Good Knight will show you a QR code. Do not scan unexpected QR codes
⚠
It's a great idea to periodically update your password. To change your Good Knight password, you must know your previous one. After executing the
/password-manage command you will be prompted with this pop-up
Your new password must follow the complexity rules described in the Set Password tab.
For one-time tokens, you cannot change them with this command. The only way to change your authenticator app token is to ask your server owner to reset it with the
/password-reset commandOnly the server owner or Good Knight admins can use this command
If a user forgets their password/token, or to unlock an account after 3 failed password attempts, the server owner or Good Knight admins can reset the password & token.
Be very careful! Hackers may try to social engineer the owner account into resetting a user's password & token. It's recommended to wait 24 hours to fulfill a reset request and/or request proof using an alternate media platform
⚠
To reset a user's password & token, execute the
/password-reset command along with mentioning the target user
After the user's password & token are reset, they will be able to use the
/password-manage command.The Good Knight bot should have in the Good Knight admin channel:
View ChannelSend MessagesEmbed Links
None
Last modified 3mo ago