Good Knight security is extremely important to our team which is why we have taken the necessary steps to protect your passwords. To provide the highest level of security, the Good Knight offers multiple solutions to securing your discord. You can choose from:

1. Password: Users set their own secure password

2. One-Time Token: Authenticator app token

3. 2FA: Combined password + one-time token

Password:

• must be at least 8 characters long

• require a high level of complexity

• are salted (random characters are added to your password)

• hashed using the bcrypt library

• one-way hashed (irreversible)

• account lock after 3 failed attempts

By using one-way hashing, your password is never revealed to the Good Knight team and, in the unlikely event that our database is hacked, the hackers would not be able to decrypt your password.

Timed One-Time Token:

Integrate your favorite authentication app like Google Authenticator, Microsoft Authenticator, or Authy to provide you with a timed one-time token (TOTP). Once setup, you can use Good Knight commands with your temporary token provided by the authenticator app. No need to create a complex password.

2FA:

Combine both the password and timed one-time token methods to create an ultra-secure solution. While this is the most secure method, it's overkill in our opinion. Since a hacker will have to hack your discord account before they can even try to access your Good Knight account, just one of the above protection methods is enough to stop most hackers.

Why does the Discord modal (pop-up box) warn you not to share password? Aren't you asking for a password/token?

This warning is a default message added to every popup box created by a bot. There's nothing we can do to remove it. Discord added this warning to discourage scammers from using these forms to ask for email, password, and 2FA information. You should NEVER use your discord password for a bot. Your Good Knight password should be unique and different from your discord password.