Yes, that’s what I meant by “managing accounts”. Might not have been the best phrasing, though.
So you would build a system like this without accounting for the possibility of all accounts being used at once? Not to mention the possibility of someone trying to flood the system?
We’re still talking about thousands of accounts and potentially hundreds of thousands of items.
I don’t remember if the two SwatSec incidents were caused by phishing or something else entirely.
Thing is, you don’t know what would happen because this would be an unprecedented scenario. I don’t think there has ever been a time since RotMG’s creation when a third-party website was used to store the credentials of thousands of accounts.
That might also be directly caused by the fact that, as a player, all you would ever see is the convenient side of the system and not all the problems it causes.
From Deca’s perspective, this is a huge risk to take with very little benefit. I doubt any videogame company would be comfortable letting a third-party amateur website handle this many accounts and in-game items.
From the Realmeye devs perspective, this is 10 to 40 hours of work upfront then having to manage the whole system forever. As long as their site isn’t using any credentials whatsoever, they can rest easy, but with your system they’d have to become a lot more concerned about security, with all the additional work and stress that entails. Remember: these guys are doing this as a hobby, they’re not paid professionals.