June 29, 200521 yr Well I liked the idea of the colours being randomly placed on your screen each time, but then someone mentioned colour blind people. What if they were pictures of numbers that changed postition everytime you went to a bank. This could also be optional aswell, I am only saying this incase of the colours and colour blind people, they could choose not to use it
June 29, 200521 yr I like the keypad idea but it'd be a pain in the arse to always have to type in a password for your bank each time you go there.... Domovoi123-Level 80 f2pNoxious 0ne-Level 46 f2p
June 29, 200521 yr If somone was a sifisticated enough programer then they could create a keyloger which reads binary so it wouldnt matter where the immage was placed it would just record what the image is in binary. But i hope that there is no one with that kind of programing experiance playing this game :?
June 29, 200521 yr Domovoi, once per session would be enough. Painy, it will never be hacker-proof. ;) That's why it's always necessary to protect our computers and exercise common sense. The only safe way is to be offline. :)
July 1, 200521 yr well painey the ones who do either dont care enough or have the patience to do this there arent very many REAL hackers playing the game....although I have seen someone debug a player so he appeared as a headless skelaton
July 1, 200521 yr how about this: a 10-digit keypad RANDOML appearso the screen you then click the different nummbers to get in of courseitdonly be 4 digits, so that noobs can remember it :wink:
July 1, 200521 yr It doesn't matter if we have zillions of passwords, I still rekon there are people out there stupid enough to get themselves hacked.
July 3, 200521 yr the only way to completely kill hacking is to allow only one ip on an account which would also kill sharing but you need like a 2 week thing to request an ip change onyour account 485th person to ever play RuneScapeBlue107- perm banned 10/12/2007. $300 USD reward if you can get me in contact with someone who will take 5 seconds to look at evidence and get my original character unbanned.
July 4, 200521 yr the only way to completely kill hacking is to allow only one ip on an account which would also kill sharing but you need like a 2 week thing to request an ip change onyour account Ever heard of dynamic IPs ? In other words, how most people connect to the net ? Impossible to use your idea.
July 4, 200521 yr Common sense is all you need to protect from hacking. Getting hacked is the victim's own fault. You don't just get hacked, you have to get yourself hacked.
July 20, 200520 yr Common sense is all you need to protect from hacking. Getting hacked is the victim's own fault. You don't just get hacked, you have to get yourself hacked. Word. Most people who do "get keylogged" were dumb enough to search for "cheats," then downloaded it themselves. So don't be dumb. Or download anti-intrusion software and run it every session... ~<.E.>~
August 5, 200619 yr And 1 year later... We have bank PIN's! Kudos to Jagex. Perhaps they looked at this post and took notice :? I like to think so anyway. ~<.E.>~
August 5, 200619 yr i think the system should have this: pass word to login(already there duh lol) Pin to log in-4 digit code that you have to enter when you log in-if you dont put it in you cant have access to your bank for 24 hours just so people wont mess up a warning pops up if you havnt entered this (screen would look like this: Username: PassWord: Login PIN:) Main bank pin: a system of 4 letters and 4 numbers-this has to be put in once a day to get main access(resets at 12:00 a.m so you have to put in again) Bank Password-6 letter word to gain access to bank along with other things Bank Pin-Already has Strange Straps: On your inventory there are 4 straps on your backpack..in order to look at your inventory when you first log in you have to unhook these straps in a certain order(can help you if you dont bank your stuff when you log out) thats about it :) :) :) i might think of some more.. of course these would have to be optional because someone would complain about there being to much stuff to enter
August 5, 200619 yr I don't like the idea personally, keyloggers can still see EVERYTHING you type. But atleast with runescape, bank pins you don't need to TYPE it so i don't think keyloggers can see it, which with technology today i beleive keyloggers can take like screenshots of your bank pin. I don't know though. I read a suggestion earlier this month about protecting yourself and being hackproof and quite frankly i like that idea better. Where you type in your IP adresses where you can log in from, and ONLY from there. PLAY this awesome game...Clicky
August 5, 200619 yr Or do a connect the dots type thing to enter your numbers? Its not only fun, it cant be logged?
August 5, 200619 yr More passwords and PIN's can be logged as easily as a small amount of passwords and PIN's. Ergo,more passwords would not only make little difference security wise, it would make it a pain to log in and do other basic functions. While protection of a wide array of actions might seem desirable to some, most would not welcome the changes ~ ergo, such additions would likely to be implemented. IP log in also seems like a great idea, but unfortunately there are also some flaws in such a system. Have you ever heard of dynamic IP's? If not, there is some mention of them previously in this thread (p.2 i believe, not sure). From my limited understanding, these IP's can be changed with relative ease if you know what you are doing. So if you log on based upon IP, consider this question: what if you change IP's? This can happen for various reasons (including the one above). You can't log on. Jagex would have to add a whole section for "IP recovery/changes" to their customer service. I wouldn't presume to know the inner workings of Jagex, but what I do know is that with such a section, Jagex would require more staff and capital to moniter IP connectivity. In closing, IP log in would be ideal, but for logistical reasons I believe it shall never come about.[ ~<.E.>~
August 6, 200619 yr ive got the most amazing idea ever! get a firewall that works on keyloggers and trojans, that way you dont have a problem. and dont use stupid passwords that ppl can guess! maybe a virus scan that can look for keyloggers also. hows that?
August 6, 200619 yr I know what youre saying, but the password required to get into your bank HAS to be a collection of four numbers, now i dont know whether you can have the same for your runescape password, but i dont really see the point in having them the same either, (unless you have got a rubbish memory, and you can only remember one password, lol :roll: )
August 7, 200619 yr Although this thread is for anti-stealable banks, for argument's sake let's go over the present general security situation: [1] everyone has a unique password {keylogger vulnerable} [2] everyone CAN set recovery questions {not vulnerable} [3] members may use credit card or member PIN info for recovery {not vulnerable} As you can see, these 3 (perhaps there are more) methods are used almst exclusively to protect accounts. The password can be keylogged, but f2p members can set recov questions, and members can also use credit card info, which is harder (but of course not impossible) to keylog. Where does the Bank PIN fit in? It is a stalling mechanism, nothing more. It doesn't protect your bank from thievery; it supposedly gives you enough time to get Customer Service to lockdown your account (3 days). If you don't set it in motion, nobody will do it for you. So, are you suggesting a login PIN with an identical interface as the Bank PIN (numbers randomly switch about)? Anything less is loggable and worthless. The interface itself has to be randomized (I point again to the "sleep" feature in RS classic, if you know what that is). However, interface aside, there is no purpose to an account PIN. The Bank PIN is to alert you of a hacker, and give you enough time to change your account info. What would the account PIN do? It seems a bit wasteful. ive got the most amazing idea ever! get a firewall that works on keyloggers and trojans, that way you dont have a problem. and dont use stupid passwords that ppl can guess! maybe a virus scan that can look for keyloggers also. hows that? And of course prevention is the best way to keep from being hacked. We're talking about extra account protection. ~<.E.>~
August 9, 200619 yr lol i was reading this and was like wtf? bankpins we have already dammit are you all [wagon]es it is so [bleep]ing obvious lol.
August 9, 200619 yr ok HERE IS ACTULY HOW HACKERS GET YOUR BANK PIN!!1 what happens is when the keylogger on you comp detects you clicking on the bank pin screen it takes a screen shot and if u hadent noticed before when u click the number it disapears for about 1 second so if a screen shot is taken at this point all a hacker has to do is figure out which number is gone. Then repeat for all 4 numbers. Soultion: Insted of having the number dissapear apon clickign it have all the numbers randomize at that moment so what ever number hte screen shot shows u clicking is not actuly the number u clicked. I hope somone actuyl takes the time to read this thxs vibro for the sig ^_^.
August 11, 200619 yr What if u only have to type in the password when u log-in from a different IP address? Most people log-in from the same computer all the time and Jagex would remember the IP address that you last loged in from. If you then log-in from another IP (friends house, library, ect.), Jagex will make you type in your 'bank password' and save that IP address ad the last IP loged in from. This will not be much of a hassel because you will only have to type in your password once instead of everytime u log-on. If someone does hack your account, Jagex will already have the IP saved with this new system so them can ban the scammer. PURE F2p
August 11, 200619 yr ok HERE IS ACTULY HOW HACKERS GET YOUR BANK PIN!!1 what happens is when the keylogger on you comp detects you clicking on the bank pin screen it takes a screen shot and if u hadent noticed before when u click the number it disapears for about 1 second so if a screen shot is taken at this point all a hacker has to do is figure out which number is gone. Then repeat for all 4 numbers. Soultion: Insted of having the number dissapear apon clickign it have all the numbers randomize at that moment so what ever number hte screen shot shows u clicking is not actuly the number u clicked. I hope somone actuyl takes the time to read this most keyloggers dont take screenshots...and you know how hard it would be to go through all the clicks someone made until they got to their bank pin...this is why most keyloggers dont take screenshots.
Create an account or sign in to comment