DiscordSRV

Expiration and complexity of link codes

Alex-Pqn opened this issue · 1 comment

commented

Why?

Hello, I'd like to make 3 suggestions concerning the link codes.

Knowing that some servers synchronize all their Discord/server roles, including admin, I think it's rather dangerous to leave only the possibility of a 4-digit code. For small/medium servers, this wouldn't be a problem. But with a large wave of players connecting their accounts at the same time, a smart guy could easily brute-force another player's code.

4 digits = only 10 000 combinations, instantly forced

What and How?

  1. Set our own expiry time for the code, in minutes.
  2. Define the number of characters the code can contain. Default is 4, but can be increased to 6.
  3. But also to be able to complicate codes by including lower-case letters, for example: 5dt35s
    This would give us 2 176 782 336 combinations instead of 10 000 currently
    0 to 9 digits = 10 positions
    A to Z = 26 positions
    10+26 = 36
    36x36x36x36x36x36 = 2 176 782 336

Are there alternatives?

I don't think so.

Checks

  • I have used the search at least once to check if my idea has already been suggested and perhaps already implemented.

Anything else

While this is quite feasible, it might be a good idea to test different codes including letters and numbers directly in-game with the Minecraft font to see if certain combinations are confusing, such as:
o01i

Thanks :)

commented

> 4 digits = only 10 000 combinations, instantly forced

Not instantly. Discord rate limits messages to 5 per 5 seconds, thus limiting the rate to 60 per minute per account, and sending 10k messages via DM (the default way of linking accounts) would likely get the account limited, unless bots are excluded from Discord's spam prevention.

> Knowing that some servers synchronize all their discord/server roles, including admin

This can be avoided by not synchronizing dangerous roles or linking those users manually with /discord link <player name/uuid> <discordid>


Having a tighter rate limit would be ideal and will be implemented at some point

Related issue: #366
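
The options discussed in this thread (code length, alphabet, expiry time and a tighter attempt limit) combined in one sketch, added here as an illustration; it is not DiscordSRV code. The class and function names, the alphabet without look-alike characters, and the default values are all assumptions.

```python
import math
import secrets

# Assumed alphabet: digits and lower-case letters minus look-alikes (o, 0, 1, i, l).
ALPHABET = "23456789abcdefghjkmnpqrstuvwxyz"

def hit_probability(keyspace, pending, guesses):
    """Chance that `guesses` random guesses match any of `pending` live codes."""
    miss_one = 1.0 - min(pending, keyspace) / keyspace
    return 1.0 if miss_one == 0 else -math.expm1(guesses * math.log(miss_one))

class LinkCodes:
    def __init__(self, length=6, ttl=300, max_failures=5, alphabet=ALPHABET):
        self.length, self.ttl, self.max_failures = length, ttl, max_failures
        self.alphabet = alphabet
        self.codes = {}      # code -> (player, expiry timestamp in seconds)
        self.failures = {}   # Discord account id -> failed attempts (never reset here)

    def issue(self, player, now):
        # Drop expired codes and any older code for the same player.
        self.codes = {c: (p, exp) for c, (p, exp) in self.codes.items()
                      if exp > now and p != player}
        while True:  # CSPRNG draw; retry on the rare collision with a live code
            code = "".join(secrets.choice(self.alphabet) for _ in range(self.length))
            if code not in self.codes:
                self.codes[code] = (player, now + self.ttl)
                return code

    def redeem(self, account, code, now):
        """Return the linked player, or None if wrong, expired or locked out."""
        if self.failures.get(account, 0) >= self.max_failures:
            return None  # locked out: even a correct code is refused
        key = code.strip().lower()
        player, expiry = self.codes.get(key, (None, 0))
        if player is None or expiry <= now:
            self.failures[account] = self.failures.get(account, 0) + 1
            return None
        del self.codes[key]  # single use
        return player

if __name__ == "__main__":
    # 60 guesses per minute (the rate quoted in the reply) over a 5-minute code
    # lifetime, against 50 codes pending at once (constructed numbers).
    for name, space in (("4 digits", 10**4), ("6 of 36 symbols", 36**6)):
        print(f"{name}: {hit_probability(space, 50, 300):.2e}")
```
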