Bypassing passwords on private servers is against List Server Protocol.
Anyone found to being doing so may find there ability to play JJ2 online
limited or disabled. They could also find themselves blocked from major
community events like Anniversary Bash, Tournaments etc.
This seems contrary to Monolith's draft rules proposal. As far as I can see, bypassing passwords on private servers has absolutely nothing to do with the list server itself. The consequences are not detailed, but I assume "ability to play JJ2 online limited or disabled" means a ban from the list server. While I have no problem with programming changes to hide private servers on port 10057, I think banning from public list servers for what happens in a private communication between two individual computers is beyond its jurisdiction. Analogous would be removing a site from a search engine database because it hacked another site in the database.