Jump to content

Jagex Account Guardian Tips (Securing Your RuneScape Account)


Recommended Posts

Jagex Account Guardian Tips (Securing Your RuneScape Account)

 

jagex-account-guardian.jpg

 

In an ongoing effort to help protect our forum users and RuneScape players from being hacked or account hijacked, we have written up a post detailing our recommendations for how best to utilize Jagex Account Guardian.

 

Jagex Account Guardian (JAG) is a new security system that allows you to set recognized "devices" (computers) and anyone who attempts to log in to your RuneScape account from an unrecognized device will be hindered by new security questions, which are unchangeable. To enable Jagex Account Guardian (JAG) for your account, login to RuneScape.com, navigate to your "Account" section, and at the top of the page there is a section called "Jagex Account Guardian" that will walk you through the steps of enabling the feature.

 

Since you cannot customize the JAG recovery questions, it is more important than ever that you set answers that no one can guess! Think carefully before you enable JAG and pick your recoveries. First, try Googling yourself (both your real name and RSN) and searching through your social media accounts and forum posts. Are the recovery question answers obtainable through those outlets? For example, the question "Where was your first vacation / holiday?" is NOT a good choice if your first holiday photos are posted on Facebook for everyone to see. The question "What is your favourite sports team? is NOT a good choice if you have this listed in an online profile.

 

The absolute BEST approach is to treat these recoveries like additional passwords and use random numbers, letters, and symbols. Alternatively, you could use some sort of random phrase that makes no sense whatsoever to anyone but you. Of course, this makes your recoveries extremely hard to remember, so let's take this a step further. If you want to ensure that you will never forget the answers to your JAG recoveries, you can either write them down on a piece of a paper and keep that paper some place safe, or you can even store those answers on an encrypted part of your hard drive. We do NOT recommend that you store the answers in a plain text file on your computer! That is not secure and anyone could simply open the file if they gain access to your computer! There are several ways you can encrypt files. Here are some examples:

  • 1Password - The 1Password application allows you to store passwords, notes, and other information. All the information you store is strongly encrypted. You select a master password, which is required to unlock your data.
  • True Crypt - This application creates a virtual encrypted disk within a file and mounts it as a real disk. It can also encrypt an entire partition or storage device, such as a USB flash drive or hard drive. This is great for encrypting all kinds of files, partitions, etc.

There are many other encryption options available online, many of which are extremely easy to use and set up, but protect your data very well!

 

Once you have your method of encryption, you can select recovery answers that are virtually impossible to guess or brute force. No one will be able to utilize social engineering to gain access to your account.

 

Summary

  • Enable Jagex Account Guardian.
  • Select random questions.
  • For the answers, use strings of random numbers, letters, and symbols, such as: 448,MJ:9?;B2/74T?932p
  • Store the answers to the questions on your computer and encrypt them, using an application like 1Password or True Crypt.
  • Secure the e-mail address linked to your RuneScape account with Gmail 2-step verification. Check this e-mail often.
  • Sleep soundly, knowing your account is more secure!

  • Like 3

Posted Image

 

- 99 fletching | 99 thieving | 99 construction | 99 herblore | 99 smithing | 99 woodcutting -

- 99 runecrafting - 99 prayer - 125 combat - 95 farming -

- Blog - DeviantART - Book Reviews & Blog

Link to comment
Share on other sites

Excellent tips. Thank you. :thumbsup:

 

f2punitedfcbanner_zpsf83da077.png

THE place for all free players to connect, hang out and talk about how awesome it is to be F2P.

So, Kaida is the real version of every fictional science-badass? That explains a lot, actually...

Link to comment
Share on other sites

I'm a fan of JAG as well, definitely makes your account much more secure. The problem with using random strings of letters and numbers is the fact that you have to have it written down or kept somewhere, and if your computer crashes or you lose the paper/usb device (or you forget the password to the encryption), you'll be in real trouble.

 

I would simply advise to use the advice above and make sure that your answers cannot be found through any means, and choose something that is very obscure and impossible for anyone other then you to guess.

o4qq.png

My Pure F2P Blog: CLICK ME

6th Maintainer of the Pure F2P Highscores / The Top 250 F2P Skill Total Lists : May 16th, 2012 - March 30th, 2014.

Link to comment
Share on other sites

I'm a fan of JAG as well, definitely makes your account much more secure. The problem with using random strings of letters and numbers is the fact that you have to have it written down or kept somewhere, and if your computer crashes or you lose the paper/usb device (or you forget the password to the encryption), you'll be in real trouble.

 

I would simply advise to use the advice above and make sure that your answers cannot be found through and means, and choose something that is very obscure and impossible for anyone other then you to guess.

 

That's true, but there are also ways around that. For example, your encrypted 1Password data can be stored on Dropbox, and/or the information can be backed up to another hard drive (this is always a good idea anyway).

Posted Image

 

- 99 fletching | 99 thieving | 99 construction | 99 herblore | 99 smithing | 99 woodcutting -

- 99 runecrafting - 99 prayer - 125 combat - 95 farming -

- Blog - DeviantART - Book Reviews & Blog

Link to comment
Share on other sites

I'm a fan of JAG as well, definitely makes your account much more secure. The problem with using random strings of letters and numbers is the fact that you have to have it written down or kept somewhere, and if your computer crashes or you lose the paper/usb device (or you forget the password to the encryption), you'll be in real trouble.

 

I would simply advise to use the advice above and make sure that your answers cannot be found through and means, and choose something that is very obscure and impossible for anyone other then you to guess.

 

That's true, but there are also ways around that. For example, your encrypted 1Password data can be stored on Dropbox, and/or the information can be backed up to another hard drive (this is always a good idea anyway).

Hehe I was just going to post this. You can also get a 1password app for your smartphone as well (not free though)

612d9da508.png

Mercifull.png

Mercifull <3 Suzi

"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12

Link to comment
Share on other sites

Ok, so I have a problem. I like the idea of JAG and all, but I really dislike the not being able to change the passwords. If someone were to find out the passwords somehow, they would know them forever. Jagex's advice on this question was "Don't let people see the passwords." but that doesn't even answer the question as by asking this I assume someone HAS seen them.

 

I wan't to use JAG, but that part puts me off from using it.

Link to comment
Share on other sites

Ok, so I have a problem. I like the idea of JAG and all, but I really dislike the not being able to change the passwords. If someone were to find out the passwords somehow, they would know them forever. Jagex's advice on this question was "Don't let people see the passwords." but that doesn't even answer the question as by asking this I assume someone HAS seen them.

 

I wan't to use JAG, but that part puts me off from using it.

 

I totally get your concern. Ultimately if you feel safer not setting them, then that's you're choice and I do understand your reasons. But if you do follow all the above guidelines, use impossible to guess answers, and encrypt them, then realistically no one should ever have access to them. The only way someone would is if you get a keylogger so someone figures out your 1Password master password, AND they manage to steal your actual data file.

Posted Image

 

- 99 fletching | 99 thieving | 99 construction | 99 herblore | 99 smithing | 99 woodcutting -

- 99 runecrafting - 99 prayer - 125 combat - 95 farming -

- Blog - DeviantART - Book Reviews & Blog

Link to comment
Share on other sites

First of all thanks for the advice. I'm sure it will be helpful to many :).

 

Ok, so I have a problem. I like the idea of JAG and all, but I really dislike the not being able to change the passwords. If someone were to find out the passwords somehow, they would know them forever. Jagex's advice on this question was "Don't let people see the passwords." but that doesn't even answer the question as by asking this I assume someone HAS seen them.

 

I wan't to use JAG, but that part puts me off from using it.

If someone gets your answers and you explain it to Jagex in the right place, I believe they will allow you to set new ones. At least, I saw on the threads that they had reset it for people who had forgotten their questions.

"Fight for what you believe in, and believe in what you're fighting for." Can games be art?

---

 

 

cWCZMZO.png

l1M6sfb.png

My blog here if you want to check out my Times articles and other writings! I always appreciate comments/feedback.

Link to comment
Share on other sites

I also have this concern, this is one of the very few aspects of recovery questions/answers which actually works, the ability to change them over a two week (or less if you know how) period.

 

I think Jagex are aware of this though, I did see this come up on the RSOF. I cannot remember where though. :?

Link to comment
Share on other sites

Ok, so I have a problem. I like the idea of JAG and all, but I really dislike the not being able to change the passwords. If someone were to find out the passwords somehow, they would know them forever. Jagex's advice on this question was "Don't let people see the passwords." but that doesn't even answer the question as by asking this I assume someone HAS seen them.

 

I wan't to use JAG, but that part puts me off from using it.

 

I totally get your concern. Ultimately if you feel safer not setting them, then that's you're choice and I do understand your reasons. But if you do follow all the above guidelines, use impossible to guess answers, and encrypt them, then realistically no one should ever have access to them. The only way someone would is if you get a keylogger so someone figures out your 1Password master password, AND they manage to steal your actual data file.

Hmm true. On the other hand if I only stored it there and couldn't remember it myself, I'd lose all the answers if my harddrive were to crash. Decisions...
Link to comment
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.