Jump to content

Login Pin + Screenshot Logger Protection -New RSOF Thread-


Recommended Posts

New RSOF Thread launched!

 

QFC: 83-84-132-59225246

 

My idea is the you could to enter a pin number (similar to the bank pin) in order to log in. This would not replace the password. It would only be an extra precaution for those who choose it. The pin screen would appear after you press the login button after you type in your username and password. It would not appear when you are in-game. This would prevent keyloggers from hacking your account. It would be optional (just like the bank pin), and you could switch between a bank pin and a login pin by talking to any banker in Runescape. So, why stop at protecting banks and houses when you can stop someone from getting into your account entirely?

 

Again, you have the OPTION

 

 

And now to protection against screenshot-taking keyloggers:

[hide=]

Aight, first off you need to make it so that when you hover your mouse over one of the numbers, ALL numbers disappear.

Because keyloggers works like this (or they can, work as this):

Everytime you click the mouse, it takes a blackandwhite screenshot of the screen with very low quality.

Because of this, the image becomes very low in size, and can be sent withour much fuzz to the person who sent it to you.

This is why a keylogger can get you're bank pin, it gets the four clicks, the person who sent you the keylogger looks at each one of them, and sees what numbers are gone. And voila, they know your PIN!

Now, if we made it so that all numbers dissapear on clicking, people making keyloggers would have to make a screen record feature, and they'd have to make it enabled all the time since they obvioulsy don't know when you're gonna log in.

That is 24/7 screen recording, even WITH low video quality, it would be a big big mess to send those extremely large video files over the internet.

Secondly, you need to have this on forum login, and all other stuff like that too.

 

With a number-blank-on-float mechanism added to the login system for the PIN, the keylogger would have to be set up in a manner that would actively bog the affected PC. In turn, the user would notice it due to all of their stuff suddenly running way slower than usual. At such, the user would then (if they are thinking) immediately run antivirus/antispyware scans, which would then reveal the running keylogger or other trojan on the PC. And we all know what happens when a user sees something they know shouldn't be there, heh heh heh. It goes bye-bye! Twisted Evil

 

Yeah, they would probably need to run the recovery sequence on their RuneScape account if this happened, and change their pass and set new questions. But, mechanisms like this would enable them to keep their account secure more often, and much more quickly than if there wasn't something like this. Exclamation

 

~Mr. D. V. Devnull

 

the numbers dissapear when you click on them, so a keylogger just takes a screeny, and the person can figure out which number you clicked fairly easily. the solution to this problem is easy:don't highlight the number when you click on it

 

Someone said that there are keyloggers that take screenshots when you click. Well, what if ALL the PIN numbers would dissappear when you move your mouse on them?

For example.

[1][5][2][4]

[3][0][9]

[6][7][8]

Now, let's say your PIN number's first number is 0. You see that it is in the middle, and memorise it.

Then, when you move your mouse over any of these buttons, this happens..

[ ][ ][ ][ ]

[ ][ ][ ]

[ ][ ][ ]

So, when you click and the keylogger sends the screenshot to the hacker, it will have absolutely nothing informative on it! Just 10 empty red squares and your mouse!

But why is this better than the one where the numbers dissappear while clicking?

There is a risk that the logger takes the screenshot before the numbers dissappear. Using this there would be no risk at all!

[/hide]

 

Well, due to the recent (sorta) updates, it doesn't look like we need to protect our items anymore.

No, we will still need this protection added. If any hacker who wishes to do damage breaks past a user's password and logs in, at the moment, the hacker has effectively free access to a user's inventory and equipped gear, to cause damage to as they please, as well as kill the player's character and send them back to the respawn point without all the stuff.

 

~Mr. D. V. Devnull

 

I really dont see whats the use of hacking some1 now...

you cant droptrade items....

I can think of one awful reason for a hacker to get the pass and get into any player's account....... :|

To ruin a player after they've caused the hacker some kind of in-game upset that the hacker thinks they have to get back at the player over. :(

This, BTW, has happened to at least a few of my friends. I pray it never happens to me, and that's why I want this movement to succeed. To help both them and myself before it happens again to any one of us.

 

~Mr. D. V. Devnull

 

Good Suggestions and Comments (You should read these):

[hide=]Bank

i like the idea also since i would to have to use the pin at bank so it wont be annoying at bank

 

Onscreen Keyboard

2 words: On screen keyboard
The on screen keyboard triggers the exact same responses as a regular keyboard. In other words, it's just as vulnerable.

A keyboard sends signals to your system when a key is pressed. The on screen keyboard simply reads a click of a button in it, and replecates the signal. Keyloggers look for this signal and copy it.

 

Poison

When you log out poisoned the bank pin can be fatal. This would also solve that problem.

 

Login Waiting Time

I hated it in other mmorpg games, it takes forever. I always enter 0000 or 1111 or whichever to hurry up logging in. But since world hopping requires you wait 32~35 seconds so I'm neutral on this idea. (Neither support or anti support)
[/hide]

 

Login Screen Suggestions:

[hide=]By me:

pinnumberidea.jpg

 

Another title screen suggestion by gerre5:

loginuf8.jpg[/hide]

 

Support List:

[hide=]1. tripsis

2. fakeitormakeit

3. supercanon14

4. NJE03

5. deciever2

6. darkblade986

7. mojo477

8. jwrm22

9. -Devoted12-

10. dsavi_x4

11. unkn0wnwarrior

12. justj2

13. beniscool218

14. inferno_char

15. Funnibunni

16. godofheaven4

17. [bleep]erkid

18. lady_phi

19. Azurechaos

20. scruff636b

21. muckytears

22. zaaps1

23. dippymister

24. horntail203

25. sup3rpur

26. x_martins_x

27. zuomimiez

28. Nub_Of_Noobs

29. D_V_Devnull

30. randox

31. vittee

32. nicrune008

33. Moonshadow

34. rogueII

35. Mortifyer1

36. ZhouNing

37. ZeroHero

38. Casjuh

39. rhan_wolf

40. chase_cool7

41. matie93

42. yogosunismyhero

43. Arambul

44. vesuvius27

45. Dark_Lord552

46. heartless619

47. lil_danmay

48. Pivotto

49. gibsocam

50. killerred005

51. hal020wns

52. arrowbld

53. Natasa777

54. deyan2

55. demonreape2

56. Free_Steel1

57. flava0falcon

58. n_odie

59. ianer101

60. Blipi2

61. ShadowKing

62. Smapla

63. Asmodeous4

64. ihminen555

65. DTienjo2

66. allan1114

67. EzThePker

68. mini193

69. samurai_lassie

70. sammyboy894

71. smither213

72. zerbs

73. NiteElve

74. andy_matthews

75. Masterthias

76. WolfhunterXZ

77. GlowinRedM

78. cowmasta13

79. deathlord552

80. EnragedKingOfHearts

81. Deadlyfun

82. Jamana

83. gerre5

84. MikelP

85. raeeswashere

86. Voldmort0

87. hot_mountain

88. goat62494

89. bowersbros

90. decebal

91. davidium

92. Latinoking

93. orao8

94. Master_Smither

95. mikehild

96. theking123

97. 211cole

98. Haseo_8492ed

99. ben331

100. Magic_Shad3 - 9-27-07

101. gotjello

102. Dracion1

103. Jason321

104. -Peronix-

105. ormoke

106. bob_the_bimb

107. A_C_F_Daz

108. safibn

109. lordragonknight

110. PrOfEsIoNaL

111. hephaestos8

112. W00tpecked

113. Fuzzyoldhat

114. Fadooda

115. scootlaboot

116. dang

117. knex2

118. Peterpan538

119. Georgelemmons

120. Inuashakent

121. Nuclear_man2

122. etpelletier

123. Darkfuhrer

124. I_Invandis_I

125. chad197

126. Bermudah

127. TigerBill

128. kburts

129. Zoidnerd

130. Kozak94

131. c.ransom12

132. LiChef

133. zoomkey

134. gg_kk90

135. Shahrazad

136. Knight_Zaros

137. Captainkidd

138. AWCADDET

139. ickdeep

140. huddybuddy

141. S6Field1972

142. knitewulf

143. Cooldude3910

144. hawkxs

145. Hammertime

146. Ugozima

147. Danil554

148. yondergod22

149. Zeus_s_Soul

150. Bloodkay

151. Fr0zen1

152. Vadimir

153. ya11a

154. Juhniz

155. Gradeskip93

156. ilovetopk

157. Pharanoid

158. Mrmegakirby

159. demonsnake8

160. SirHemen

161. Bad911

162. jimmyw3000

163. Yomyth105

164. Zierro

165. hawkxs

166. Chalksmith

167. HydraXP

168. J35u5_M4

169. Balazeal

170. Raawwwwr

171. triquos

172. Rustoid523

173. jonavolaii

174. Evil_Pig20

175. elin1101

176. romy

177. SerpentEye

178. Tiigon

179. Hernet0

180. Hollandowner

181. lionesshunt

182. Gradeskip93

183. henryroo

184. Jenove

185. Bountyjosh

186. Computergee3

187. Smudge4dusty

188. AndJusticeForOne

189. abc1230

190. boydeath

191. DeltaFire26

192. Mylez

193. dzihouchan

194. who_am_i

195. skylor12344

196. Studio1417

197. Hooktontruth

198. abbydog95[/hide]

 

Special thanks to:

unkn0wnwarrior - Helped me by answering some questions and explaining things to people.

 

D_V_Devnull - Explained why this suggestion should still be used. Always there to correct me and to keep this thread from going under.

 

 

-Bumps are appreciated.

 

*If you don't say anything negative, I am assuming that you support the idea.

 

A simple thing to put in your sig:

 

[url=http://forum.tip.it/viewtopic.php?t=624635&postdays=0&postorder=asc&start=0]Support the best way to stop keyloggers![/url]

f203f1850c.png
Link to comment
Share on other sites

 

 

 

they already have something like that. Its called a password!!!!! If some one has hacked your computer and found out your password, they would probably know the pin too. or they would just guess a 4 letter combination until they found it.

 

 

 

 

 

 

 

P.S. This is also the second worst suggestion ever. The holiday item shop comes in first.

 

 

 

Have you ever noticed that you click the buttons to put your pin number in? Or that the numbers keep switching around? Keyloggers wouldn't be able to get pin numbers.

f203f1850c.png
Link to comment
Share on other sites

That was a little harsh, scootlaboot. Lets keep the comments nice.

 

 

 

 

 

 

 

I actually think it's a descent idea. Similar to bank pins, I think it should be made optional if it was implemented. As you said, it would help protect against keyloggers.

Posted Image

 

- 99 fletching | 99 thieving | 99 construction | 99 herblore | 99 smithing | 99 woodcutting -

- 99 runecrafting - 99 prayer - 125 combat - 95 farming -

- Blog - DeviantART - Book Reviews & Blog

Link to comment
Share on other sites

Have you ever noticed that you click the buttons to put your pin number in? Or that the numbers keep switching around? Keyloggers wouldn't be able to get pin numbers.

 

 

 

 

 

 

 

still all you need is a password if you keep getting hacked just do a spyware/virus scan then change your password.

wailord.png

 

If you choose your beliefs/lifestyle simply based on what your parents want, then you are a weak minded individual and are not even worthy of calling yourself a person.

Link to comment
Share on other sites

they already have something like that. Its called a password!!!!! If some one has hacked your computer and found out your password, they would probably know the pin too. or they would just guess a 4 letter combination until they found it.

 

 

 

 

 

 

 

P.S. This is also the second worst suggestion ever. The holiday item shop comes in first.

I was going to say the same thing as the password
Your name is "bet you fail", and you're starting a business with your mom? I'm not even going to touch that.....
Link to comment
Share on other sites

 

Have you ever noticed that you click the buttons to put your pin number in? Or that the numbers keep switching around? Keyloggers wouldn't be able to get pin numbers.

 

 

 

 

 

 

 

still all you need is a password if you keep getting hacked just do a spyware/virus scan then change your password.

 

 

 

 

 

 

 

 

 

 

 

yeah u get hacked the first time and lose evey thang u dont realy need the password any more eah?

 

 

 

 

 

 

 

 

 

 

 

ontopic: i think u can talk to the bank people and ask for a bank pin then that would go to the front page to

DoD:S ownage

what we have here is a ..um.. failur to communcate

check out my steam ID page @ alpha company

Link to comment
Share on other sites

With all due respect, I think this is pretty pointless. Most people have said, when they got "hacked" they got hacked by giving their password to one of their trusted friends. Sorry, but I don't support.

28u7f5g.jpg

danke Schon Sam!^^

"Blood runs thicker, oh were thick as thieves you know"

-Carl Barât

Link to comment
Share on other sites

I think it's a good idea. Though I personally have never been hacked, I think those would have would really get some good use out of a pin being placed at log-in.

sigraniiixx.gifEye-X.gif

blg.giff2p.giftfsn.gif

 

[spoiler=Stats:]Updated December 22, 2011:

 

Total level - 1442 - 170M+ XP , Combat level - 115

Combat skills: Attack - 90, Defence - 99 (24.45m+ XP), Strength - 90, Constitution - 99 (16.42M+ XP) Ranged - 99 (13.32M+ XP), Prayer - 60, Magic - 99 (13.25M+ XP)

Non-Combat skills: Cooking - 99 (13.80M+ XP), Woodcutting - 99 (31.95M+ XP), Fishing - 90, Firemaking - 99 (24.82M+), Crafting - 90, Smithing - 90, Mining - 85, Runecrafting - 60, Dungeoneering - 85

 

Link to comment
Share on other sites

This would work well, you could have the option of enabling or disabling just like the bank pin and also the option of making your account pin your bank pin.

deciever2.gif

Dragon Drops: D spear x 2, D skirt, D half-shield, D axe, D 2h

Barrows Rewards: Ahrims hood, Karil's Coif, half key x 6, D med, torags legs, veracs flail

Link to comment
Share on other sites

they already have something like that. Its called a password!!!!! If some one has hacked your computer and found out your password, they would probably know the pin too. or they would just guess a 4 letter combination until they found it.

 

 

 

 

 

 

 

P.S. This is also the second worst suggestion ever. The holiday item shop comes in first.

 

 

 

 

 

 

 

Darn straight..... :XD:

IMG]http://sig.runeweb.net/sig/12/Superstyle4.png[/img]

Xbox Live Username: ILINI

Link to comment
Share on other sites

its ok but it seems to easy. I had an idea where you could put a pass with a keypad, and it would be just like entering a pass, except it uses a keypad. Then the letters would move just as normal on a bank pin. no matter what, a keylogger would be able to take ur pass. and with over 26 latters+numbers it would take weeks to go through all the possible combos

99 Fletching 99 Attack 99 Constitution 99 Cooking 99 Strength

Gamertag: H8tebringer

h8tebringer-siggy-bloodskull-1.jpg

Link to comment
Share on other sites

You all seem to be missing the idea behind this. The idea is that if you don't get the pin number, you don't get into the account. If someone were to try to brute-force the bank pin, then the account could be temporarily disabled then due to suspicion of the account being stolen.

f475e02ecc.png

don't worry, you are going to "hell" anyway. wanna race to see who gets there first?

Officially reached 100 Combat at 1:33PM EST, June 14, 2007

First Dragon Drop: Dragon Chain (Dust Devils) @ 10:48PM EST, July 14, 2008, lv113 combat

Link to comment
Share on other sites

i like the idea also since i would to have to use the pin at bank so it wont be annoying at bank also it can have a switch to show every time you log in or only every time you go to bank after logging in

Mojo477 has had to quit members so i need friends to talk to on my pure Lived4devil so please add her

"The elves having helped create the crystal saw is like Greenpeace having helped create a nuclear seal skinner"

Link to comment
Share on other sites

nice idee,

 

 

 

 

 

 

 

and to all ppl that are spamming cuz hackers will find out cuz they can hax your pass...

 

 

 

 

 

 

 

then i say:

 

 

 

no... most keylockers that they use for rs do only write down what you enteren on a site, inh word, notepad, msn, everything... but they cant see what you are doing with your mouse... youll need a mutch bigger program for that...

 

 

 

 

 

 

 

and if you got hacked and got phat on you... your phat is gone after you log back in, but when you banked it it will be mutch safer... same with barrow armour etc...

 

 

 

 

 

 

 

maybe a solotion:

 

 

 

enter ingame where you want a bank pin or where you wont... example: i wanmt a bank pin on: dropping stuff, bank, poh, and so on... but i dont want one for my custume rome...

runeminermb1.gif

^^ click my sig for my lesser ranging guide ^^

jwrm22: 4816th > 99 cooking 100% f2p !1172 total! + 140mil in items.

i dont play anymore... i think rs is ruined

Link to comment
Share on other sites

Was that a compliment? I couldn't tell. Well anyways, the whole purpose of the pin number is to stop hackers (who don't know you) with keyloggers from take your stuff. This has nothing to do with giving passwords to loyal friends. I agree that if you do get a keylogger on your computer that you have worse things to worry about, but it would protect your account. That would be one less thing to worry about.

f203f1850c.png
Link to comment
Share on other sites

What's the point... If they have the ability to make themselves more secure (e.g. make a good password and don't give it out, use the bank pin system) but don't use it, they aren't likely to use this either...

copyofsigtuxtimenf0.png
Link to comment
Share on other sites

2 words: On screen keyboard

 

 

 

 

 

 

 

The on screen keyboard triggers the exact same responses as a regular keyboard. In other words, it's just as vulnerable.

 

 

 

 

 

 

 

A keyboard sends signals to your system when a key is pressed. The on screen keyboard simply reads a click of a button in it, and replecates the signal. Keyloggers look for this signal and copy it.

f475e02ecc.png

don't worry, you are going to "hell" anyway. wanna race to see who gets there first?

Officially reached 100 Combat at 1:33PM EST, June 14, 2007

First Dragon Drop: Dragon Chain (Dust Devils) @ 10:48PM EST, July 14, 2008, lv113 combat

Link to comment
Share on other sites

I think this is seriosuly a brilliant idea. Keyloggers won't get in, and then you don't have to worry about going to a bank and banking your stuff before you log out in fear of getting hacked. Passwords don't always work guys. Good suggestion!

devotedconstructionkt0.jpg
Link to comment
Share on other sites

how bout this:

 

 

 

 

 

 

 

Username: funnibunni9

 

 

 

password: **********************

 

 

 

pin number: ****

 

 

 

 

 

 

 

This achieves nothing. Your trying to stop keyloggers. This won't cut it. it's just like have 2 typable passwords. It has to be a movable pin.

devotedconstructionkt0.jpg
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.