Is it safe to use random file extensions to save data?

So currently I generate a random key for each user, and use this key to XOR encrypt data into a json file. The path for this file is always something.json. Is it better to make up my own extensions so that file openers cant open it? Like “game/something.ftdata” ? Are there any extensions that will cause problems?

That’s not a thing, otherwise we wouldn’t need DRM and copy protection.

If you’re concerned about the user ‘hacking your save files,’ or ‘cheating in your game,’ which is playing on their computer, just don’t be.

There’s nothing you can do about it. Nothing is secure, it is not your computer, it is the user’s computer.

If it must be secure, store it on your own server and have the user connect to download it.

Anything else is a waste of your time and the only person you’re going to inconvenience is yourself when you’re debugging the game and you have savegame errors. Work on your game instead.

Remember, it only takes one 12-year-old in Finland to write a script to read/write your game files and everybody else can now use that script. Read about Cheat Engine to see more ways you cannot possibly control this.

2 Likes

Changing the file extension doesn’t prevent other people from opening it.

1 Like