What is the difference between the nick, username, and real name in IRC, and what is the password?

Asked 28/7, 2015 at 2:5 Answered 30/7, 2015 at 2:10

According to RFC 2812, section 3.1, in order to connect to an IRC server, a user must issue three commands in this order:

PASS <a password>
NICK <a nickname>
USER <a username> <mode> <unused> <a real name>

So we have a password, and we have three different "names": nickname, username, and real name.

When I use IRC, I only have one name: the one that appears to others in the chat. Is this the nickname?

What are the other two? And what is the password for? I know there's a feature in IRC where you can register a nick and password so only you can use it. Is that what this password is?

Karmakarmadharaya answered 28/7, 2015 at 2:5 Comment(0)

The nickname supplied with NICK is the name that's used to address you on IRC. The nickname must be unique across the network, so you can't use a nickname that's already in use at the time.

The username supplied with USER is simply the user part in your user@host hostmask that appears to others on IRC, showing where your connection originates from (if you've never seen these, then your client may be hiding them). In the early days of IRC it was typical for people to run their IRC client on multi-user machines, and the username corresponded to their local username on that machine. Some people do still use IRC from multi-user shell servers, but for the most part the username is vestigal.

The real name supplied with USER is used to populate the real name field that appears when someone uses the WHOIS command on your nick. Unlike the other two fields, this field can be fairly long and contain most characters (including spaces). Some people do put their real name here, but many do not.

The PASS command is optional. It is used to supply a password if the IRC server you are using requires one. Some servers will use the password supplied to attempt to log you on to IRC services.

Note that the RFC2812 does not represent a consensus view of IRC - it is an update to the standard authored by and focussed on one particular implementation of IRC. RFC1459 is still the lingua franca of IRC.

Briarwood answered 30/7, 2015 at 2:10 Comment(4)

On the server I tested, nick registration/identification was impliemented by talking to the NickServ service. I don't think NickServ is mentioned or described in any RFC, so the use of the PASS command to enter a nick-identification password isn't what that command was originally intended for? – Karmakarmadharaya 30/7, 2015 at 5:46

@JackM: Right - it was originally intended for implementing a "password-protected" server that wouldn't let you connect at all without a password. It was also used to give certain classes of users extra privileges if they supplied the correct password (for example, a longer ping timeout or exemption from k lines). – Briarwood 30/7, 2015 at 5:59

Hi @caf, thanks for note about the RFCs. I'm new to all this and plan to develop an IRC bot for fun. Which RFC should I stick to? Is the RFC2812 implementation more wide spread? Or can't I go wrong with RFC1459? Thanks in advance. – Flam 8/12, 2020 at 21:53

@fancyPants: RFC1459 is the widespread, common denominator. It is a little light on in parts, so you will probably find there is also some 'tribal knowledge' required. – Briarwood 9/12, 2020 at 2:18

I've done some experimentation and the only thing that seems to matter is the nick. The password is indeed used to register you, and is associated with the nick, not the username or the real name. At least on Foonetic.

First, I logged in with nick "Iggle", and some random other data:

PASS stuff
NICK Iggle
USER whatever 0 * somerealname

Then I registered

PRIVMSG nickserv register pinetree [email protected]

And verified it. So now "pinetree" is the password for Nick: Iggle, Username: whatever, Real name: somerealname.

I disconnected and reconnected.

PASS something
NICK Iggle
USER whatever 0 * somerealname

It logged me in but complained about an invalid password. Okay:

PRIVMSG nickserv identify pinetree

That worked, and it gave me +r. So the PASS command does indeed correspond to the password you register with NickServ. Doing WHOIS Iggle showed a username of "whatever" and a real name of "some real name". I disconnected and reconnected again.

PASS pinetree
NICK Iggle
USER canada 0 * ghana

That logged me in and didn't complain about the password, giving me +r straight away! This confirms that the PASS command is the same as the password given to nickserv, and since I used a different username and real name, it shows that neither of those have anything to do with the password - only the nick matters. WHOIS Iggle showed a username of "canada" and a real name of "ghana", no mention of the data I used on the previous log-in. So you can even use a different username and real name every time you connect to the server and nobody seems to even notice.

Conclusion: The nick seems to be the only thing that matters at all. It's permanently attached to a password once registered with nickserv, and the username and real name don't matter and can be changed at every log in. They don't even seem to be stored anywhere by the server.

Karmakarmadharaya answered 28/7, 2015 at 8:22 Comment(1)

Some IRC networks have chosen to reuse PASS for authentication to services, but this is nonstandard usage. PASS is ordinarily used for connections between servers, and for users which are somehow privileged (they may have larger send buffers, exemption from flood control, masked hosts, be exempt from connection limits, or be authorized to connect from networks from which that server ordinarily would not accept connections.) SASL authentication is a more widely used alternative to using PASS for services authentication. – Autobiographical 24/7, 2016 at 7:52

-2

Yes, you are right about nickname. In general:

nickname - name which appears for other users
username - name you use to login, allows system to identify you
password - sequence of symbols, which allows system to match you with your username
real name - this is just additional information about you

Yount answered 28/7, 2015 at 2:18 Comment(5)

Doesn't the password match with the nickname, not the username? I thought the purpose of the password was precisely to stop other people from using your nickname? – Karmakarmadharaya 28/7, 2015 at 2:23

It is more secure to hide your username, because to login you need pair of username + password. Using nickname for login is less secure, since everyone knows it. And malefactor just needs to get your password. – Yount 28/7, 2015 at 2:29

But if your password is only associated with your username, how does it help you control your nick? – Karmakarmadharaya 28/7, 2015 at 2:35

It's associated with a username. Is this case you may think about username as a primary key on table of |username |password |nick|. You need your password to login using this username, and only user with this username allows to use particular nick. – Yount 28/7, 2015 at 2:38

The username is not unique across the network and is not used to log you in. It's just the part before the @ in your user@host. – Briarwood 30/7, 2015 at 1:54

Recommended topics

Hot tags