Jump to content

Do we need more Account Security in Runescape?


Dire_Wolf

Recommended Posts

Don't reckon we do.

 

I would like the ability to have jagex know our email so it can be sent to us if its lost though...Too late for that now.

Doomy edit: I like sheep

Link to comment
Share on other sites

  • Replies 55
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

This reminds me of the idea to have a way to bury some of your valuables randomly thoughout the map so only you would know where they are if someone hacks you.

 

Our future technology based on what dogs have been doing for centuries? HELL YES!

sig.jpg
Link to comment
Share on other sites

The gap in security is at the users end not runescape. Yes Jagex need to have some better customer support in the account security team but the things they put in place go above and beyond most other games. Its common sense thats needed by the average player, its not something Jagex can control other than forcing people to change recoveries every year or two or changing the password every few months

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites

They keyfob thing that generates a unique code is good but perhaps a little too muich for what is essensially just a game. I use one for online banking and one for connecting to the work servers when im working from home. If they were subsidised at less than a tenner id be tempted to get one though.

 

 

 

I've had issues in the past with Jagex giving my character away to someone who bombarded them with account recoverry requests. Having a cryptokey would ensure this never happens again.

 

 

 

There would need to be a way to resync the thing though remotely possibly by a fob id number at the back that you type in that into the RS website followed by the number thats showing on the front of it which resets it back to normal.

 

 

 

Also there would need to be a system in place for people that have lost it.

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites

They keyfob thing that generates a unique code is good but perhaps a little too muich for what is essensially just a game. I use one for online banking and one for connecting to the work servers when im working from home. If they were subsidised at less than a tenner id be tempted to get one though.

 

 

 

I've had issues in the past with Jagex giving my character away to someone who bombarded them with account recoverry requests. Having a cryptokey would ensure this never happens again.

 

 

 

There would need to be a way to resync the thing though remotely possibly by a fob id number at the back that you type in that into the RS website followed by the number thats showing on the front of it which resets it back to normal.

 

 

 

Also there would need to be a system in place for people that have lost it.

 

 

 

 

 

all thats easily done..

 

 

 

another option would be using cell phone and text messages. My bank uses that and its pretyt decent

mementh.jpeg

The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time

andrew i love you & want you to have my babys!!! <3:

Finally, I get to save the Earth with deadly lasers instead of deadly slide shows!

Link to comment
Share on other sites

Except i dont really wanna be texting in every few minutes while i keep falling off rs when woodcutting/watching tv.

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites

Except i dont really wanna be texting in every few minutes while i keep falling off rs when woodcutting/watching tv.

 

 

 

you would only need one text at that point.. and it would be valid till you logged out (or say for a hour)

mementh.jpeg

The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time

andrew i love you & want you to have my babys!!! <3:

Finally, I get to save the Earth with deadly lasers instead of deadly slide shows!

Link to comment
Share on other sites

please remove locking accounts :wall: :wall: :wall: :pray:

 

and the moment someone is finding it funny to get my account locked again and again and again

Check it out, huge amount of effort has gone into this massive mod!

ODG6e0M.png

[hide=old sig]

newsig.png

[/hide]

Link to comment
Share on other sites

you would only need one text at that point.. and it would be valid till you logged out (or say for a hour)
I'm allways accidently logging off Runescape though. I wouldnt want to have to text each time especially as texts are not free (unlike keyfobs)

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites

I have setled for 20 chars of seemingly random numbers and letters. The uppercase and sybols can go...themselves. I can rember my pass because it is built out of tiny segments that mean something to me and only me. I have no meaningful segments with symbols and random caps would mean a shorter a password so I would have a hope in hell of actualy getting it right.

Link to comment
Share on other sites

You can already bank your stuff before you log off and make a decent password if your clever enough. I've never been "hacked" in 6 or 7 years of having an account with visible wealth on it.

 

 

 

Get some decent security for your PC, don't give your pass out to ANYONE. No need to make it harder to play for people not affected.

Link to comment
Share on other sites

No. Account security is almost exclusively the users job. As for length of password, do you realize that virtuallyy no passwords are broken by brute force; even cracking an 8 character password over the internet is basically impossible without the hash (And I'm sure Jagex secures their servers enough to prevent that). A few stolen accounts might come from dictionary based brute force attacks, but I'd like to think that not many people are dumb enough to use simple words for their password. I'd be willing to bet that a very high percentage of hacks are due to keyloggers. It takes a real techie to mount a brute force attack, and the chances of success are low. If they could brute force, you'd think someone would have hacked into, say, Duke Freedom or Zezima's account? Sure, their passwords are probably long and complicated, but length is the only thing that matters in brute force. Mathmatically speaking, its impossible for anyone to crack a decent length password over the internet without the hash, unless they have large rings of zombie computers. Anyway, keyloggers are the ones responsible for nearly every hack, and the blame lies directly on the user. All the security in the world Jagex could think of could be easily thwarted by a keylogger, and it doesn't make a difference if your password is 8 or 20 characters long. These are due to people not having updated antivirus\spyware, and\or downloading things that they shouldn't (limewire etc.). Jagex can't change these things; its all the end users fault. And I do know what I'm talking about, I've removed dozens of malicious programs from customer's computers, and any one of them could easily be used to "hack" a runescape account. Keyloggers are almost pathetically easy to set up and run; any half decent script kiddy can try and hack a runescape account. Basically all Jagex can do is secure their servers, which they seem to be doing quite well. Stop trying to blame them; its our (or brother\sister\wife\mother\father\cousin) fault. I never worry about changing my RS password or being hacked; I'm considering removing my PIN. Feel free to quote this post and try to argue, I'm in a good arguing mood right now. \'

DeviledEgg24.png

Drops: 1x Draconic Visage, 56x Abyssal Whip, 5x Demon Head, D Drops: 37, Barrows Drops: 43, DK Drops: 29

GWD drops: 14,000x Bars, 1x Armadyl Hilt, 2x Armadyl Skirt, 4x Sara Sword, 1x Saradomin Hilt, 8x Bandos Hilt, 8x Bandos Platebody, 9x Bandos Tassets, 4x Bandos Boots, 43x Godsword Shard, 82x Dragon Boots

Dry streak records: Saradomin 412 kills Bandos 988 kills Spirit Mages 633 kills - Slayer Sucks

Link to comment
Share on other sites

I propose a 3rd way of "hacking" peoples characters that don't involve keyloggers or brute forcing attacks. It happened to me and ive spoken to a few others who also feel the same way. I believe that people are submitting account recovery reqests to jagex for character that have gone into "retirement" over and over until convincing Jagex they are the rightful owner. as the retred person doesnt ever try to log in then the request is never contested and eventually Jagex hands over the account. They then reset recoveries and bank pin and wait. A week later they then have full access to your account and bank etc. It was over a year before I discovered someone was using my own account. It is now rightfully back in my hands, though it took a long time convincing Jagex I was the true owner.

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites

There is already barely any incentive for someone to hack you as you can't transfer items very easily. If you are really insecure about your account make a long password and frequent update your antivirus protection and scan often. There isn't anything left for JaGex to protect you from except maybe make you call their HQ first and then you can start playing (some chinese mmo does this).

 

 

 

If you are going to suggest more account security is needed, maybe you should first suggest a couple ways to make your account safer.

awesomeaa9.png
Link to comment
Share on other sites

I propose a 3rd way of "hacking" peoples characters that don't involve keyloggers or brute forcing attacks. It happened to me and ive spoken to a few others who also feel the same way. I believe that people are submitting account recovery reqests to jagex for character that have gone into "retirement" over and over until convincing Jagex they are the rightful owner. as the retred person doesnt ever try to log in then the request is never contested and eventually Jagex hands over the account. They then reset recoveries and bank pin and wait. A week later they then have full access to your account and bank etc. It was over a year before I discovered someone was using my own account. It is now rightfully back in my hands, though it took a long time convincing Jagex I was the true owner.

 

Yes, but think of all the legitimate retired players that simply cannot remember many details, but would like to have their account back. Jagex could easily tighten up and get rid of most of these "hackers", but in doing so many legitimate retired players could not get their accounts back. Its all about striking a balance, really; and between IP logging and account tracking, they seem to be doing OK on this end. Without looking at how many legitimate players try to recover their accounts, we really can't point fingers and say Jagex is at fault. Which would you rather, a 1/10,000 chance (random guess) of being hacked after retiring, or a good chance that you won't be able to get your account back if you've forgotten your passwords and do not have them saved (or they were deleted)?

DeviledEgg24.png

Drops: 1x Draconic Visage, 56x Abyssal Whip, 5x Demon Head, D Drops: 37, Barrows Drops: 43, DK Drops: 29

GWD drops: 14,000x Bars, 1x Armadyl Hilt, 2x Armadyl Skirt, 4x Sara Sword, 1x Saradomin Hilt, 8x Bandos Hilt, 8x Bandos Platebody, 9x Bandos Tassets, 4x Bandos Boots, 43x Godsword Shard, 82x Dragon Boots

Dry streak records: Saradomin 412 kills Bandos 988 kills Spirit Mages 633 kills - Slayer Sucks

Link to comment
Share on other sites

Runescape accounts are already ridiculously safe. There is absolutely no way to get "hacked" unless you are careless with your details/passwords. The only way to get a key-logger that targets your Runescape account is by looking at a Runescape related website, usually cheating websites. If you don't want to get hacked, use some freaking common sense. Make you details only something that you know, so not even your friends can guess them. And make your password complex with both letter and numbers so your freinds can't guess that either. It's not hard. People don't just look at you in-game and say "I'm going to hack that guy" and then do it. It doesn't work that way.

Link to comment
Share on other sites

Honestly we need more computer security. I can't think of a single actual incident where Jagex's server's security was compromised. I hear all the time of people's accounts being "hacked". My account was hacked due to using it on my sisters laptop not realizing she didn't have AV.

wii_wheaton.png

[software Engineer] -

[Ability Bar Suggestion] - [Gaming Enthusiast]

Link to comment
Share on other sites

Honestly we need more computer security. I can't think of a single actual incident where Jagex's server's security was compromised. I hear all the time of people's accounts being "hacked". My account was hacked due to using it on my sisters laptop not realizing she didn't have AV.

 

 

 

Well, that's ultimately your fault. Jagex can't put AV on your machine for you. Nor should they be responsible for the integrity of your machine.

 

 

 

Let's suppose for a second that Jagex did put those mechanisms up. Would that still save you from a keylogger?

Linux User/Enthusiast Full-Stack Software Engineer | Stack Overflow Member | GIMP User
s1L0U.jpg
...Alright, the Elf City update lured me back to RS over a year ago.

Link to comment
Share on other sites

Well, someone insists on changing my pass all of a sudden. Twice in 3 days -.-

 

 

 

I've been hacked twice before, but that was due to my own stupidity. I now have an updated AV and I've had no keyloggers or anything like that. The only person who knows my pass is one of my best mates irl and I trust him as I also know his pass. Anyway, when I get my account unlocked (locked due to suspicious activity because of my appeals)

 

I will check the last logged on IP and check it against my friends to make sure though.

d8624cb6e2.png

Barrows drops: 1 Karils skirt on first run :twss:

Link to comment
Share on other sites

Well, someone insists on changing my pass all of a sudden. Twice in 3 days -.-

 

 

 

I've been hacked twice before, but that was due to my own stupidity. I now have an updated AV and I've had no keyloggers or anything like that. The only person who knows my pass is one of my best mates irl and I trust him as I also know his pass. Anyway, when I get my account unlocked (locked due to suspicious activity because of my appeals)

 

I will check the last logged on IP and check it against my friends to make sure though.

 

 

 

Would you give your "friend" your bank PIN number? :wall:

 

 

 

I suggest that you have words with your "friend" - he could be playing a joke with you.

 

 

 

Plus, technically you are both breaking the account sharing rule :wall:

Link to comment
Share on other sites

Just having a username and password is secure enough.

 

 

 

The only thing that needs securing is JaGex's trash cans.

 

There's a load of information you could acquire just from dumpster diving.

 

-> calendars with special dates of employees, company phone book and address, cd's, hard drives, blue prints and other pieces of useful information

 

Here's a quick one. Ring up JaGex;

 

"Hi I'm Bill from maintenance from (state a company listed in the phone book), I was meant to get a password and username to briefly assess the servers , but Mr. Gower is away for the week (special dates) and must of forgot to call in. Mr Fisher ('Bill's' boss which would likely be listed in JaGex company phone book) asked me to call and retrieve the username and password that is required"

 

^ Larger companies have fallen prey to this and have actually given out access codes to their entire company. Unless there are protocols such as call backs or completely deny over the phone information - companies are doomed.

 

 

 

Then boom! The servers security is breached, your account is open to attacks, your little brother is crying....

 

 

 

OR

 

 

 

Start an intimate relationship with one of the staff that works at JaGex. So whos willing to date Andrew just for a few passwords?

 

 

 

Unless someone is willing to do any of the above, Rune|Scape is safe. But who the hell would go to all this trouble just to hack some pixels.

"I'd rather bear the comments people say to insult ya, then to poison my skin and erase my culture " - Deep Foundation

Link to comment
Share on other sites

i would like alot more security such as only allowing my IP to go on my account

 

 

 

 

 

Sadly you would not when your IP changes..

 

Unless you use a Commercial account you have a dynamic ip which changes from ever time you login (using dial up) to about ever 7 days (using dsl/cable)

 

 

 

Um. Anyone kind enough to explain to me why there is a need for more account security? Are the hackers going to take our stuff again?

 

 

 

No, some people like me just want to have a FOB and better security because we are over sensitive to how easy it is to destroy a account... (just going in and dropping everything on the floor and letting it disappear would hurt you)

mementh.jpeg

The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time

andrew i love you & want you to have my babys!!! <3:

Finally, I get to save the Earth with deadly lasers instead of deadly slide shows!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.