Anti-Stealable Bank

[Trojann2]

Ok so lets say somone gets yer pass and hacks yer account...But they don't get a thing...How because yer bank to access requires a password to get into it the first time each session you logon. It could prove a hastle but would keep yer account pretty safe. Unless yer a dumb noob and keep both passes the same then yer screwed. Post comments.

[magekillr]

it doesnt matter really...the keyloggers can still see everything that you type and eventually figure it out anyway

 

 

 

 

 

 

 

 

 

 

 

valiant effort...but no cigar

[Seahorse]

Here is my suggestion, every players have 3 sets of password. One for logging into RS, one for accessing bank, last one for logging into RS website to change password or personal info so that hacker cannot change them even if they cant hack ur account.

[Crim_nimora]

it would need to be a given password that rs distribute to players so it cant be predictable cause the top three passwords are known to 90% of all people

 

 

 

Swordfish due to that lame movie

 

 

 

Firefly due to much better movie

 

 

 

123456 due to uncreative idiots

 

 

 

the next top 20 include every imaginable profane word ever and the owners name or lovers name/phone number

[cp223]

Good idea indeed :P

[Eric2203]

Here's a my suggestion: let's all have a million passwords.

 

 

 

 

 

 

 

 

 

 

 

That was sarcasm... did it occur to you that if a keylogger records one password, then it will record a second one ? And a third one... and a fourth one... even if the password is given by Jagex, you'd have to type it. So, you get hacked again... And don't start about on-screen keyboards. Most mimic keyboards and a keylogger sees it, just as if it was a physical keyboard. And other keyloggers record mousestrokes and movements. Tthere's no way to prevent hacking other than protecting your computer and using common sense. It's not that hard really.

[Escape5]

Too many people have suggested this, but it is still a decent idea

[Potatosniped]

Good Idea, but a Keylogger beats it all. How about a "number" based security system, so to access your bank, you have to click on the number to move it up or down, and if you dont have the number, it wont work! Keyloggers wont get that, they only record keyboards

[Potatosniped]

Good Idea, but a Keylogger beats it all. How about a "number" based security system, so to access your bank, you have to click on the number to move it up or down, and if you dont have the number, it wont work! Keyloggers wont get that, they only record keyboards

[Eric2203]

Wrong. Some keyloggers record mouse movements and strokes. As I posted above.

[Nabski]

How about this, you pick a color and that is your bank combination. When you acess your bank for the first time after logging in it presents those colors, but in a random location. That way your strokes mouse movements are different each time. If you don't like colors use shapes. If that didn 't make sense tell me because sometimes I leave out important parts of my thoughts.

[Bubsa]

How about this, you pick a color and that is your bank combination. When you acess your bank for the first time after logging in it presents those colors, but in a random location. That way your strokes mouse movements are different each time. If you don't like colors use shapes. If that didn 't make sense tell me because sometimes I leave out important parts of my thoughts.

 

 

 

 

 

 

 

Nice try but then you have to consider the colourblind people.

[krenbr]

i like that idea expecually the first time but what about peoples inventory so when u log in a diff screen should pop up instead of in game screen and u enter pass there to beable to move because what if u have full sara on theres ur full sara you should only be able to look at skills talk to friends and log out intill u enter ur seccond pass this would not even let them

[shadowshow]

how about a on screen combo that you use your mouse on the screen with, the keyloggers cant folow that 8)

[yougotcot]

a keypad where you use your mouse, that should deflect the keyloggers:)

 

 

 

of course, your key pad would move around the screen each time. maybe even kill the autoers?

 

 

 

 

 

 

 

the keypad would use your mouse, its a keypad but your mousoe clicks on the buttons

[Eric2203]

You guys can't read... some keyloggers can follow your mouse. And if that was introduced, all the hackers out there would start using them.

[qerewen]

even though the numer pad would move around that would only evolve the key loggers to read data to so evn though u log in with the keypad looking like:

 

 

 

 

 

 

 

1 2 3

 

 

 

4 5 6

 

 

 

7 8 9

 

 

 

* 0 X

 

 

 

 

 

 

 

and next time it will look like:

 

 

 

 

 

 

 

9 8 7

 

 

 

1 2 3

 

 

 

5 4 0

 

 

 

6 * X

 

 

 

 

 

 

 

 

 

 

 

it would be the same data sent with the key pressed like:

 

 

 

1 where ever its place it would always be 0110(or something like that)

 

 

 

and 2 would be 1001 no matter where its placed(or something like that)

[yougotcot]

nah, i meant that the keypad would move around the screen, not the numbers would jumble around.

[thaimodz]

Maybe a verification system that the users use mouse to crack out.

 

 

 

 

 

 

 

Possibly some kind of Accound ID that's generated from some contact details you gave to Jag

[Eric2203]

Either you don't read the whole thread or you choose to ignore what I posted before. There are keyloggers that can follow your mouse. The idea to move the numbers around the screen (or even just a keypad) is good because it would require a keylogger that takes screenshots. There may be one out there (no idea) but it sure isn't as common as the others.

 

 

 

 

 

 

 

Forget mouse or keyboard, this won't solve anything. You need to add another element to it.

[gotsol]

here is my idea and it is 100% percent keylogger hack safe. Every time you log on to the the game it shows where u last logged in from. Why cant we set a ip address to our bank to where we can only access our bank from that computer. You could have the choice to use or not. But if your someone who only plays on one computer it would work awesome. Or if you could put down 5 ip adress to were this is only where your account can be logged in from.

[Escalus]

In response to gotsol's idea:

 

 

 

 

 

 

 

Yes it's good in theory, but remember, most of runescape's inner workings happen not on your computer, but on the jagex servers. This means jagex would have to make sure the ppl using the account have the correct ip's. Indeed this could be done. However, what if a hacker leaves a keylogger and a tunneler as well, so that the hacker could use your comp's connection? Granted, this would take a c**p load of work and coding, but we're being hypothetical here...

 

 

 

 

 

 

 

My own suggestion: <-------Eric2203, maybe this solves ur problem

 

 

 

 

 

 

 

What about the first time you go to ur bank each session, you have to fill out a randomized thingee, like when jagex added the fatigue thingee to rsc in an attempt to stop hacking (AR) [i'm sorry for referring to it as "thingee" but thats all i can come up with] . This was extremely successful for a while. The pass comes from jagex itself so a program would fail, and is randomized so people cant guess. :?

[gotsol]

It's easy to avoid being keylogged. Alot of ppl who are keylogged get so through their own stupidity. i.e. looking for cheats/hacks/etc. Honestly, this idea would put a major crimp in most "hacker's" game (i.e. pluggin in all the words in the dictionary via a program) A pain for the rest of us? Yes. Maybe hacking is darwinism - the ones who aren't dumb as cabbage survive. But this is not what rs is about. I say, "add the damn extra passwords!"

 

 

 

 

 

 

 

In response to gotsol's idea:

 

 

 

 

 

 

 

Yes it's good in theory, but remember, most of runescape's inner workings happen not on your computer, but on the jagex servers. This means jagex would have to make sure the ppl using the account have the correct ip's. Indeed this could be done. However, what if a hacker leaves a keylogger and a tunneler as well, so that the hacker could use your comp's connection? Granted, this would take a c**p load of work and coding, but we're being hypothetical here.

 

 

 

that has to be the best 1st post i have seen anyone do. And yes jagex should add extra passwords

[Escalus]

Thanks gotsol, i edited it alot, including right after u posted :lol:

[Eric2203]

Yep Escalus. You said randomized, and that's the key here. If it's unpredictable, it's a lot harder for keyloggers. It's like that idea above to move the keypad numbers around. You never know where the one you need is going to be.

 

 

 

 

 

 

 

gotsol, the problem is that a lot of people have dynamic IP addresses. Mostly dial-up users, but not just them. Even on cable, and even more so on DSL, it can (and usually is) dynamic. It just doesn't change as often. You can go around that by adding the IP range of, say, your whole town or county (depending on how your ISP works), but then you allow a lot more than 5 IPs by doing that. Plus it requires knowledge on the users part. There are also people who switch ISPs. There's those who forget...

 

 

 

 

 

 

 

Finally, and that's what kills it, if someone has a keylogger on his computer, hackers can still change the list of allowed IPs. How ? Well because Jagex would have to provide a way for users to recover the IP list if they forgot to change it and their ISP has changed (or been bought... etc). Just like you can recover an account password. If someone keylogs you and knows all your info, all he has to do is go through the recovery process and allow his own IP. And you're done for.