Why aren't passwords case sensitive?

[Wkw]

Why doesn't Jagex allow you to use capitalization and symbols (!@#) in passwords? It seems like they are trying to limit account security by not allowing it. Optional, yes, as much as having numbers in your password, but it would be useful for those who know how to make secure passwords and aren't afraid to use them.

[Kimberly]

MMG has an extremely strong security background and he was actually a big factor in registering with emails to bolster security, reminding people to use more difficult passwords, etc. This will probably be the next step in the future, but I'd guess more pressing issues take priority. After all it's pretty hard to get hacked if you're not foolish.

[highlanders]

People lose their passwords either by falling for phising, getting a keylogger, or telling them to an untrustworthy friend. In all 3 cases, having weird characters in the password doesn't prevent anything.

[Danqazmlp]

I'd also add onto the above two posts, there is probably a big reason stopping them from doing so. I don't know what it is, but with how security concious Jagex are, I would assume it isn't as simple as turning on a switch, else they would have already done it.

[ilovecuttingyews]

iirc you can only fail guessing a password 10(?) times before it locks you out for a while so it's not like you're going to get hacked by brute force dictionary attacks anyway. Like highlanders said, the only way people get hacked is phishers or keyloggers (or rarely guessing recoveries).

[GuidesForScapers]

Tbfh it isn't hard to make a password with letters and numbers that would take weeks to brute force and be impossible to guess. Not the best, but damn good enough unless you are a [developmentally delayed] who throws their password at every "friend" they've known for more than 2 days or someone who claims to "never download anything", excluding those 4 Runescape DDoS tools on your desktop.

 

Getting hacked is for idiots.

[Viv]

Tbfh it isn't hard to make a password with letters and numbers that would take weeks to brute force and be impossible to guess. Not the best, but damn good enough unless you are a [developmentally delayed] who throws their password at every "friend" they've known for more than 2 days or someone who claims to "never download anything", excluding those 4 Runescape DDoS tools on your desktop.

 

Getting hacked is for idiots.

or tired people that fall for phishes on tipit or ect...

 

tho they usually do a good job of taking them down immidiately people make sites that look exactly like the rs site.........and people accidently put thier pass inthem:P

 

edit:i never got hacked but almost fell for one of those pHish and seen plenty of links to a fake rs site here on tipit so im sure they are at other places where they dont get taken down quick

[GuidesForScapers]

Tbfh it isn't hard to make a password with letters and numbers that would take weeks to brute force and be impossible to guess. Not the best, but damn good enough unless you are a [developmentally delayed] who throws their password at every "friend" they've known for more than 2 days or someone who claims to "never download anything", excluding those 4 Runescape DDoS tools on your desktop.

 

Getting hacked is for idiots.

or tired people that fall for phishes on tipit or ect...

 

tho they usually do a good job of taking them down immidiately people make sites that look exactly like the rs site.........and people accidently put thier pass inthem:P

 

edit:i never got hacked but almost fell for one of those pHish and seen plenty of links to a fake rs site here on tipit so im sure they are at other places where they dont get taken down quick

 

It is still idiotic to fall for a phisher, tired or not. It is extremely easy to tell the difference between the real Runescape website and a phishing site.

 

Of course, people make mistakes. I understand that, but people refer to mistakes as 'stupid mistakes' for a reason.

 

The only times i have ever been hacked are when i was a [wagon] 12 year old who was too trusting of other people and when i didn't think my family were stupid enough to get our family computer infected. It was stupid of me to think that and it was stupid of me to trust people, and i realise that.

 

I have never downloaded a virus, been on a java driveby site and accepted the applet, fallen for a phisher or shared my account with someone i shouldn't trust (excluding that one time when i was a handicapped 12yo). Even in the instances where i wasn't able to avoid my account being hacked, i had mitigated against it and was able to prevent any of my items from being taken or my account being stolen/locked.

 

If i am able to avoid it, along with MANY others, i see no problem with calling out those that aren't and saying it is entirely their fault.

[The Observer]

Allowing people to increase their password strength only opens it up to more people who aren't very good at remembering them, which will result in them writing it down in a public place and thus getting hacked.

 

And yeah, I'll agree with a lot of the posters here that the majority of the time, people can't guess your password unless you make it something very simple. Even if you create a password with a random password generator without case changes, it'll still result in a strong enough password.