Well first of all be transparent about things (don't just say hey it's all good we fixed it when you didn't do shit , that just feels as you asking for it again) . I just want you guys to put some work in and fix all this , I don't think I'm asking a lot to put in a few hours of work , but not when there are 6 man groups with hackers. I gave you all the information.
The password solution you added it's at best a inconvenience trying do do emulated id's.
You guys didn't even take the time to see what I was doing and I wasn't even trying to hide .
https://pastebin.com/xddusuaR , Take this paste it into a notepad ++ , it's a sample of auth tokens and what u should look for.
Don't take this the wrong way but the next guy won't be as nice. I have a routine that collects all player id's of people I encounter on map and what would happen if I just did a loop through all of them and emulated their id's but login off a banned ip ... everyone would just end up banned just to cause a bit of chaos.
I'm happy to help you fix this stuff and give you pointers where your flaws are at , but if you are just going to do nothing then I guess you have it comming