Securing Your Web Game - Byte Editing

One of the easiest and most effective ways for people to hack a game is byte editing. Basically there are tools available that can pin-point variables used in your game and change their values. For example if you have a game that gives the player a score, the player can use a tool to search for that value in their system's memory and modify it to be whatever they want. This can be particularly bad if your game then submits the score to a database shared with other players or rewards the player based on their score. Below is an example of byte editing being used to cheat in Bejwelled Blitz.

The best way to prevent this type of hack is to have the logic handled on a server and use the game only to display values and handle input, but that's not always possible. An alternative is to encrypt the stored values and decrypt them when you need to use them. You should test your game's security using a byte editing tool to make sure you can't find any potential issues. The tool I'm most familiar with is Cheat Engine (Windows). Below is an example of preventing byte editing in a Unity game.

Read more about byte editing.