• * Never use the same password for more than one website. Your RuneScape password should not be the same as your e-mail password or the password you use on fan sites. People are always trying to hack fan sites and if they do, they could obtain the password you used on that fan site. If you also use that password on RuneScape, then they will immediately have access to your RuneScape account. Do not re-use passwords!! To compare it to real life, it would be like using the same key for your house, car, and safety deposit box. If someone stole the key, you would lose everything. Minimize the damage by using separate passwords. That way if one gets stolen, you only lose one account, instead of all of them!
  
  
• All of your passwords should be lengthy and complex. Do not use dictionary words or anything containing personal information. Passwords like "ilovecats" or "chocolate" or your birthday are NOT good passwords. A good password should contain numbers, letters, and if possible - symbols. The longer the password, the better.
  
  
• * Keep your e-mail account secure! If someone steals the e-mail account linked to your RuneScape account, your RuneScape account is as good as gone. In addition to following the above two points, there are further measures you can take to protect your e-mail.
  
  
  • Use a separate e-mail address for RuneScape. Do not use that same e-mail to register on fan sites or other websites.
    
  • Do not tell anyone what your e-mail address is. Do not list it on your online profiles.
    
  • Use Gmail and enable two-step verification. This feature is invaluable. It will require someone to physically have your phone in order to access your e-mail account. This extra layer of security could save your account from a hacker!
    
  • Secure your recovery questions. If your recoveries are easy to guess, you might as well be pasting your password for the world to see. See further down for tips on good recoveries!
  
  
• *Do not use legitimate answers for your recovery questions. Recovery questions set us up to be hacked.. not intentionally, but that's what they have become with social media sites. All of the questions can easily be figured out through your online profiles, social media sites, blog posts, etc. With a few searches, people can easily figure out your home town, your best friend, your first school, your mother's maiden name, etc. And those are all common recovery questions! Your recovery questions should be like additional passwords and consist of random numbers, letters, and symbols. Example:
  
  
  What is your mother's maiden name?
  H<[qh3g[3Psds4658jhd
  
  
• Don't store your passwords in an unhidden text file on your hard drive! If your computer gets infected with a virus or compromised in a similar fashion, someone could steal your entire list of passwords! There are several applications available that will encrypt your passwords for you, thus making it impossible for people to steal them unless they know your master password. One example of such an application is 1Password. You create one master password (make sure it's a good one) and then you can start saving your login usernames/passwords for individual websites (similar to when a browser asks you if you'd like it to remember the password). But all your information is stored in an encrypted format so it can't be stolen! Applications like these are very useful if you have trouble remembering all your different passwords (see point #1).
  
  
• * Use a bank PIN! There is NEVER a reason to not use a bank PIN! Forget laziness. What is typing in a 4-digit bank PIN each time you log in compared to losing your entire wealth? Set a bank PIN, change it so that it requires 7 days to reset (by speaking to a banker and selecting the "I'd like to check my PIN settings" option), and always bank your valuables before you log out!
  
  
• * Do not fall for phishing scams or fake login sites! Jagex will never e-mail you to say that you've received an infraction on your account (or something similar). If a phisher gets ahold of your e-mail address, they will send you an e-mail that looks like this:
  
  
  Scam/Phishing E-mail Example

  Quote

  Dear Player,
  
  we have received multiple report actions towards your RuneScape account that has lead to it being placed in the "Danger Zone". This means your account is on the verge of being banned or muted depending on each report type. If you are unaware of the rules of RuneScape, please read the rules and conditions located on our home page.
  
  Please click the following link and enter your username and password to view your account status or to submit an appeal:
  
  <<a link will be placed here>>
  
  Please note: Due to a recent bug in our bot detection system, some accounts may have received void infractions. The majority of void infractions have been removed. We urge you to visit the appeal section to appeal any unjustified infractions received due to system errors.
  
  Kind regards,
  The RuneScape Team
  
  This is a service email, there is no need to unsubscribe. To ensure you always receive your RuneScape account emails to your inbox, please add noreply@email.runescape.com to your email address book.
  
  © 2011 Jagex Ltd. Jagex® and RuneScape® are registered trademarks of Jagex Ltd in the United Kingdom and trademarks used in other countries of the world.
  View our Privacy Policy :
  This inbox is not monitored and you will not receive a reply to your email
  
  Jagex Ltd. St. John's Innovation Centre, Cowley Road, Cambridge CB4 0WS United Kingdom.
  
  
  It will look like they provided a link to the RuneScape account status page, but the link will be disguised and will actually take you to a scam site with a fake login page. If you enter your account details on this page, your password will be stolen! There is never any reason to click on a link in an e-mail to RuneScape.com. If you need to visit the website, type in the URL yourself.
  
  
• *Install a good virus scanner and run it at least once a week. Complete a full scan - NOT a quick scan! Examples of great virus scanners include Bitdefender and Kaspersky. If you want a free option you can use Microsoft Security Essentials (for Windows) or ClamXav (for Mac). However, the virus scanners with a price tag will usually be better and more reliable.
  
  
• * Don't visit suspicious websites (for example, websites saying they have "RuneScape hacks" available) or download files from people/websites you don't know. These kinds of file could contain malicious programs that will infect your computer with a virus or keylogger!
  
  
• If it sounds too good to be true, it probably is. The latest trend these days is to post up YouTube videos and put something in the description like:
  
  

  Quote

  Giving away 100M! Just sign into the RSOF and post on my thread! <link>
  
  
  And they will include what LOOKS like a link to the RSOF but really isn't. It will actually lead you to a fake RuneScape login page that will steal your password. If someone tells you to visit the RSOF, ask them for the Quick Find Code and use that to navigate there yourself.
  
  
• Do not run any untrusted Java applets. Someone could link you to a website that asks you for your permission to run a Java applet. Unless you know EXACTLY what the website is for and trust your referrer or the website 100%, do not accept!!

[url=http://forum.tip.it/topic/286405-stay-safe-a-guide-to-account-security/][img]http://tip.it/runescape/images/crew/safety-forum.jpg[/img][/url]

[url=http://forum.tip.it/topic/286405-stay-safe-a-guide-to-account-security/][img]http://tip.it/runescape/images/crew/safety-forum.jpg[/img][/url]

[url=http://forum.tip.it/topic/286405-stay-safe-a-guide-to-account-security/][img]http://tip.it/runescape/images/crew/safety-forum.jpg[/img][/url]