Search the Community
Showing results for tags 'Account Security'.
-
Hi, I'm getting this error every time: How to stop it?
-
I have been using the orion client for a couple of days now, I found out today that I am banned or muted on the forums. DO NOT USE ORION!!
-
So I got banned for macro goldfarming back in September partially due to the faulty bot detection system that banned over half the RS population... but wait a minute, people are STILL getting perm banned from this system? This is so laughable, flawless bot detection system you say? Then why is RS still run rampant of bots and innocents like me get not one but THREE goldfarming ban messages in a row? I've had enough. I just don't feel safe playing this game anymore. It's as if Jagex WANTS to ban me. Holy shit. And I thought I had hope in EoC and the new updates. I guess not.
- 32 replies
-
- 1
-
-
- Account Security
- Jagex
- (and 2 more)
-
welll... Long story short, have been using tip it for god knows how long and know im proud to be a member here :D
-
RuneScape makes the news, but not exactly in a good way: http://www.dailymail.co.uk/news/article-2328922/Teenager-dragged-court-giving-away-friends-VIRTUAL-gold-coins-online-fantasy-game.html I found the sentence to be somewhat hilarious: He was given an eight-month conditional discharge and was ordered to pay £16 compensation by Swansea magistrates. £16 punishment for trashing a six-year-old account. Jagex could score some PR points by doing the wronged player a solid. But we all know they wont. -
Note: This is a modified version of my post on the RSOF [QFC]277-278-105-63939404[/QFC] Introduction I think most people here know me, or at least know of me. I have been playing RuneScape on and off for well over 10 years now some people here may have met me at RuneFest in 2010 or 2011. Like many other people in the past I've been the victim of account thefts and lost what would probably now be the equivalent of billions of GP (loss of partyhats). It's an incredibly furstrating and stressful experience and it's not always the users fault. 0-day exploits and social engineering methods as well as the more common keylogging and phishing scams. I have created a concept (well put together more like rather than inventing it) for a more secure way of logging in to RuneScape or any of Jagex properties. It's called 2-step verification and it is very similar to what Google uses as well as other games such as World of Warcraft, Diablo III, Rift, Star Wars: The Old Republic and many more. Back in 2008 Jagex proposed a scheme whereby you could purchase a USB sized Secure key which you could use to generate a unique code to login. At the time Jagex were planning to offer an increased bankspace as an incentive to get people to purchase these keys unfortunately there was outrage from a vocal minority of the community about how paying real money (for a key) could get you an in-game advantage (more space) and so along with possibly prohibitively expensive costs the project was cancelled. Fast forward to 2012 and the world and community is a different place. Security technologies have improved, smartphone usage has risen to over half of the population in America with similar figures in Europe and most of the western world. This means that mobile app authenticators have become much more viable, cost effective and easy to distribute. Why this is needed An authenticator prevents unauthorised access of a RuneScape account even if you are unlucky enough to have your password compromised meaning that noone can steal your in-game items or even cause you real life monetary loss by a malicious person using up your Solomon RuneCoins or Squeal of Fortune spins. The recent bannings of high profile dicers and the mugging of a player with an immitation firearm goes to show how much of a real value some people (legitimately or not) put on our characters and items. The theft of items can in theory net a malicious "hacker" thousands of pounds. How to set it up To set up 2-step verification you would go login to your account on the RuneScape homepage and go to your 'account settings'. In the list of account options there would be a new line of text underneath the 'Recovery Questions' called '2-step verification'. Clicking the + sign would expand the information where you would then get the options of setting it up in three different ways. SMS text message on your mobile phone Smartphone app Secure key You MUST enter your mobile phone regardless of which option you choose to set up, this is incase you cannot get online using the smartphone app, perhaps it is out of sync with the server or your smartphone is broken and you are using a backup phone with your normal SIM, or if you have broken or lost your secure key. If you only choose option 1 then after you have typed your mobile phone number in you will be sent an SMS text message with a special code. You then need to verify this code on the RuneScape homepage. You will then have option 1 SMS verification enabled. I will explain how it works when trying to login shortly. If you choose option 2 then you will first need to enter your phone number as with option 1 but after you have verified the number you need to go to an additional step. You will then be instructed to download an app for your smartphone. Apps would be available for the key providers iOS (iPhone, iPad, iPod touch), Android and WindowsPhone7.5 (or WP8 when it's out). If you do not have a compatible phone then you can click a button to simply choose option 1 or you can cancel the process all together. Once you have downloaded the correct app you can press the next button online. To syncronise your account you would choose the option in the app to add an account and a barcode scanner would activate on the phone. On the browser screen a barcode would be showing and you would be instructed to scan this using your phone. Once you have done this another verification code would show on your phone. You simply type this into the browser box provided press 'complete verification' and then it would be enabled. Option 3 is slightly different and is effectively the canned original idea from Jagex about using a dedicated secure key about the same size as a USB stick which generates a unique code every minute or so. To set this up you would first have to order this from the Jagex store. These could be sold as a cost of around $10 plus post and packaging. To activate this you would need to type in the code that shows on the key into the the runescape homepage set up first and then it would work just the same as options 1 and 2 where you have to type in the verification showing on the key on login to the game or website. If you lose the key you can use the backup phone number you provided in an earlier step to request a code to login to the runescape homepage and deactivate 2-step verification until you order a new one or change your method to option 1 or 2. How it works The look of the app could be comething like the concept below (please forgive my naff photoshop skills). Basically on opening the app it shows a large 8 digit verification code which changes every minute and then a new one is displayed. If you have enabled 2-step verification then when you log in to the RuneScape webpage, forums etc you will be taken to a second page after the username/password which asks you for the verification code. If you have chosen the SMS option then you will shortly recieve a code which is valid for one use only to allow you to login. If you have chosen to use the app option then you will need to type in the code displayed before the timer runs out. If you optn the app and see it's about to change simply wait a few seconds for the next code to be displayed. A small tick box would show under the verification box which says 'remember this computer for 30 days'. This would use cookies to remember your computer so you wouldn't need to enter a verification code each and every time. If you have your browser set to clear cookies regularly then you will need to enter the code in more often. Logging in to the game would work in a similar way. You type your username and password as normal and before you get to the lobby you are asked for the verification code. This works exactly the same as logging in to the website and also gives you a 'remember' tick box. What to do if you lose your phone or get a new number Well there's a few things that Jagex could do. For example you could set up a backup phone number from a family member or trusted friend or Jagex could provide an emergency one use backup code which you will be asked to print out and put in your wallet for safe keeping. With this could could login to update your phone number. Otherwise you would have to go through the recovery questions just like a forgotten password. Costs Ideally options 1 (SMS) and 2 (app) should be free to the player. However I understand that this would require significant development time to work with the Jagex billing system and so the maximum I would suggest Jagex charge woudl be 69p/$0.99 or whatever the minimum fee for apps are on the relevant app stores. A dedicated secure key would obviously have a charge because it is a physical device with manufacturing cost. Other game companies sell these for around the $10 range. Other bits This is just an initial concept I have devised based on my experience of other services which use similar things. This would be entirely optional and so noone would be forced into this. There are immense benefits to this which means that if you lose your password to a phishing site, 0-day exploit or even if you are keylogged or sell victim to a phishing site a "hacker" could notaccess your account. 2-step verification works because of the two types of things you need to access your account something you know (password) and something you physically have (phone). This would also save Jagex significant time in dealing with investigating account thefts and returning accounts to the rightful owner. Obviously Jagex recovery system would need significant rework too to prevent the social engineering away of accounts via the Jagex recovery system being gamed as someone could just claim they simultaniously forgot their password and also got a new phone/deleted authenticator app etc. I feel that if this were to be implemented there also needs to be radical improvements of the recovery system. I strongly believe that the recovery system is the weak link and so even with activated 2-step verification it would need vast improvements as well. New guidelines should be published on how to create more secure recovery questions. With so much personal information available via social networks, YouTube and even searching whois databases people should be discouraged from recovery questions such as “mother’s maiden name”, “first school”, “pet’s name”, “favourite band” etc. Instead people should use information which is easy for a player to remember or find out but impossible for a person to remotely discover. For example “The first 5 numbers from a vehicle identification number” or “Print number from the painting hanging in the hallway”. There are many suggestions from people on this forum and on the RSOF on how to improve the recovery process but the crux is what happens after someone has successfully entered sufficient information. If a person has activated 2-step verification then on a successful recovery claim a person does not get to choose what the password should be, instead a password is created by the Jagex recovery system and sent via SMS to the number they used on setup. If a person does not have this phone number anymore they can opt to also have a copy of the new password also sent to the backup phone number. This way even if a malicious “hacker” has managed to find out enough information to impersonate me to Jagex support, without physical access to my phone they cannot access my account. I think I've got everything in my head down. I hope this make sense.
- 28 replies
-
- 3
-
-
- Account Security
- Jagex
- (and 1 more)
-
"Its not about the destination, but the Journey." °ï¦ï°¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯°ï¦ï° Who are we? Journey is a clan based on the proposition stated above which also works as our clan motto. We are a social & community based clan. Journey is indeed a fairly new clan, however, the experienced leadership are very optimistic about this clan and the potential it has in the near future. Clan Summary: ¤ Clan chat: 'Journey' ¤ Leaders: Poly & Jardeath ¤ Founders: Poly & Jardeath ¤ Founded: 14th November 2014 ¤ Home Worlds: P2P - World 134 ........................................F2P - World 3 ¤ Clan Forums: Off-Site Forums (http://forums.journey-rs.com/) ¤Twitter: @JourneyClan ¤ Clan Colours: Teal | Lime | White ¤ Clan Time: UTC (Game Time). Join the Journey! If you are interested in joining the Journey or simply just interested to know more about the clan (ranking structure, rules, requirements, etc) please visit the Journey Clan - Recruitment Thread on the Official RuneScape Forums. Get in touch with us on the recruitment thread, clan chat, or PM. We look forward to hearing from you!
-
last weekend i got my account hacked. the guy had my email any everything... i got my email back and messaged jagex they froze the account, know the weird part comes. i try to get pack my acc and for some reason they keep denying my request! even when i give them billing IDS and even old passwords! i even sent them the email i got when i made the ACC! WTF do i do ! this is on 07 btw, anyway i really could use ur help please! sorry for the grammar im in a hurry to get this shit back!!!
-
Hello Everyone, I created a OSRS account last summer and played for hours and hours. unfortunately I've somehow forgotten the passwords to my account as well as my linked E-Mail address due to months of inactivity. I have tweeted at Jagex with no reply asking the same question. I would appreciate some advice or a shared similar experience. Thank you all for your time, Mint_Grizz -
Subscribe, like, comment -
Jagex is beginning to mute accounts who use offensive language in PRIVATE MESSAGES between friends. See the attached reddit link to see the quote from Mod Lyon. http://www.reddit.com/r/runescape/comments/1g3cyv/jagex_moderator_mod_lyon_comments_on_automatic/
-
Hello guys Newbie in Town ^.^
Kokio posted a topic in Introductions, Farewells, & Forum Account Help
Hey Heyy heyy getting bored of rs so id like to talk to some of the other people and get a few idease plus im new so HIiiiiiiiiiiii hope we can get along ^.^ thnak you -
So i have recently made a pure account that is lvl 23 with 42 range (cannoned) (10 hp) i want to level strength yet have some decent hp levels to be able to pk with? Any advice how i can do so?
-
In the open is a quickchat line. This is all very interesting, lol. Certainly a step in the right direction for Jagex for stopping gambling. -
In this game, we post the Fibonacci Sequence. Aka, add the values from the previous *2* posts together to make the value of your post. Starting with what's clearly the right place to start this sequence: 0 Okay guys, but like, you understand this is a bad thread, right? This was kindof a joke where I'd make a bunch of bad threads that were just variations of the counting game, and they would be just as boring as the count to 30k game, and just as redundant as the count down from 10k game. And yet, people continue to post in this stupid ass thread. Like. [bleep]. This is a bad thread guys. Play in the good forum games, ffs.
-
Hey, I make money on my main, and when it get's over 15m cash, I transfer it to another account of mine with no stats. SOmetimes it happens I transfer a lot in not much time. Is it possible to get a rwt ban because I transfer money. It isn't a lot, no hundreds of millions, nor billions. but yeah approx. 5-10m transfer each time. Thanks!
-
[spoiler=Big images] http://www.reddit.co...s_on_automatic/ The new chat-watch system will automatically mute chat between you and your friends, IN PRIVATE CHAT, that is deemed offensive. See the above reddit link for a link to the whole post by Mod Lyon.- 182 replies
-
- 1
-
-
- Account Security
- Bots
- (and 8 more)
-
Making a blog because bad skiller and need motivation. 108/120 Dg other goalz 122mm/104m magic (yay!) 106m/104m sum 109m/104m range 58m/104m herb (;o)
-
Hello, A lot of users are getting emails from Jagex / RuneScape that there account has received an infraction. This emails are only trying to steal your RuneScape login details. Jagex will NEVER contact you by email, Jagex will ALWAYS use the RuneScape Message Center to contact you about offences or other things. Here are some examples of Phishing-mails: A new version tells you to confirm a email change: In all examples, all links are disabled. Please forward the full email to [email protected] so they can take action against this. See here the difference of a Phishingand official website: Please check the link and be safe!
- 13 replies
-
- 1
-
-
- Account Security
- Jagex
- (and 1 more)
-
So, i got hacked yesterday. I forgot to secure all my items by depositing them on my pin secured bank before logging off. With all my items i mean: bandos tassets, bandos chestplate, full slayer helm, barrows gloves, steadfast boots, amulet of fury, firecape, berserkers ring, chaotic rapier and my divine shield. Soooooo, i pretty much lost my whole bank :/ If you guys have any tips to recover my bank, please leave them in a comment. Thanks in advance ~ iTz Viruss 3
-
Jagex Account Guardian Tips (Securing Your RuneScape Account) In an ongoing effort to help protect our forum users and RuneScape players from being hacked or account hijacked, we have written up a post detailing our recommendations for how best to utilize Jagex Account Guardian. Jagex Account Guardian (JAG) is a new security system that allows you to set recognized "devices" (computers) and anyone who attempts to log in to your RuneScape account from an unrecognized device will be hindered by new security questions, which are unchangeable. To enable Jagex Account Guardian (JAG) for your account, login to RuneScape.com, navigate to your "Account" section, and at the top of the page there is a section called "Jagex Account Guardian" that will walk you through the steps of enabling the feature. Since you cannot customize the JAG recovery questions, it is more important than ever that you set answers that no one can guess! Think carefully before you enable JAG and pick your recoveries. First, try Googling yourself (both your real name and RSN) and searching through your social media accounts and forum posts. Are the recovery question answers obtainable through those outlets? For example, the question "Where was your first vacation / holiday?" is NOT a good choice if your first holiday photos are posted on Facebook for everyone to see. The question "What is your favourite sports team? is NOT a good choice if you have this listed in an online profile. The absolute BEST approach is to treat these recoveries like additional passwords and use random numbers, letters, and symbols. Alternatively, you could use some sort of random phrase that makes no sense whatsoever to anyone but you. Of course, this makes your recoveries extremely hard to remember, so let's take this a step further. If you want to ensure that you will never forget the answers to your JAG recoveries, you can either write them down on a piece of a paper and keep that paper some place safe, or you can even store those answers on an encrypted part of your hard drive. We do NOT recommend that you store the answers in a plain text file on your computer! That is not secure and anyone could simply open the file if they gain access to your computer! There are several ways you can encrypt files. Here are some examples: 1Password - The 1Password application allows you to store passwords, notes, and other information. All the information you store is strongly encrypted. You select a master password, which is required to unlock your data. True Crypt - This application creates a virtual encrypted disk within a file and mounts it as a real disk. It can also encrypt an entire partition or storage device, such as a USB flash drive or hard drive. This is great for encrypting all kinds of files, partitions, etc. There are many other encryption options available online, many of which are extremely easy to use and set up, but protect your data very well! Once you have your method of encryption, you can select recovery answers that are virtually impossible to guess or brute force. No one will be able to utilize social engineering to gain access to your account. Summary Enable Jagex Account Guardian. Select random questions. For the answers, use strings of random numbers, letters, and symbols, such as: 448,MJ:9?;B2/74T?932p Store the answers to the questions on your computer and encrypt them, using an application like 1Password or True Crypt. Secure the e-mail address linked to your RuneScape account with Gmail 2-step verification. Check this e-mail often. Sleep soundly, knowing your account is more secure! -
So recently my very first and loyal Runescape account has been hacked, they switched the password and the e-mail in wich the account is registred in. So I was told that the only was to get it back is to send a message to [email protected] and I so I did, and I can totally prove it's mine, since I own it since 2004... The problem is, I sent the e-mail with all the necessary stuff about three days ago, and got NO REPLY... So this made me think, am I doing anything wrong? Does Jagex even answer to account help emails? What can I do to recover my account? Thanks, hope anyone can help, was really feeling like getting back to runescape after a stoped year *sighs*
-
It won't get you unbanned or unmuted, but vent your frustration over having been unfairly muted/banned. Remember, no Jagex PM screeenshots or moderator quotes allowed. ----------------------------- All Forum Rules Apply
-
Ok so unless you have been living under a rock then yu know a lot of players use VPN's specifically for very easily AFKable things such as firemaking, harps, woodcutting, mining, etc. I specifically use them to do my crystal tree, dragon maw, ports and spins daily. Ironically I stopped a few days ago because ive been hooked on this summoners war phone game. But normally you could see me log in using the free version of teamviewer to access my computer and do my dailies after reset. Now what I noticed recently is a lot of people posting on reddit about this recieving bans. Some people are saying certain free VPN's are what gold sellers have been using and this is what has been tripping the botwatch. So now what I'm asking is what the players think? What does jagex have to say about these recent bans? A while back jagex was aware of player useage of VPN's. They seemed to express no concern for VPN use through their lack of reaction to players queries on the subject. So what i am doing is creating a seperate topic for this to prevent discussion flow on other threads. I am also charging everyone here to share information on this and to post relavent links and information here. Thanks for your concern and cooperation.
-
Last played the live game (eocscape, rs3, whatever we call it now) regularly about a year and a half ago. Played a bit of old school more recent than that. Bit confused as to what exactly this legacy mode is? Do weaknesses still matter as much as they initially did right after the launch of eoc? Rsn is 'steal yo dad' if you'd like to see my stats. How should I get started back up with moneymaking and is there a general template for slayer out there somewhere? I have a chaotic maul and a barrows set currently. Obviously gonna have to work on that haha. Also, logged in today and found out there's a double xp weekend coming up, what's generally the best way to go about deciding what to spend my time on? Thanks a million.
