After learning of what is known as brute force hacking (cracking) devices that work on the basis othat your account be accessed by guessing the pass using a programme that generates passes randomly (though theirs a little more too it than that i hear) and tries them. i have come up with a few ideas to prevent this type of hacking from taking place altogether

 

 

 

Idea one:

 

putting a safety number of failed attempts on an account

 

brute force prgrammmes work by repeatedly getting passes wrong, untill they find the right one, this i guess can probably take ages. but if an attempted log in was failed 20 times in a row, due to an incorrect password then my idea is to bring one of two things into play either the account which is thought to be "being hacked" could be locked completely from access for 20 minutes (at least)

 

Or

 

the user could be asked to identify one of those "computers cant understand these" pictures to ensure that it is a person in controll or other wise the account will be locked for 20 mins or more

 

 

 

also i though it would be usefull for players to be able to set something similar to a temporary ban on their own accounts to freeze them from access by anyone for a time scale set by them say anywhere up to 48 hours. to secure an account from access incase say some one has found a keylogger or that they have been warned before hand.

 

 

 

this is more of an extention to a topic i posted in help and advice forums so check that out if you feel it might enlighten you as to why

 

 

 

feel free to add to this and constructive criticism is always appreciated.

 

 

 

and anyone thinking of calling me a noob, please refer to the noob-tionary below.

 

 

 

thank you

I thinks its a good idea. 48 hours is a bit long though.

 

 

 

LOL now i gotta go change my pass. Im worried :)

Something I have suggested before, and have seen suggested, is simply to place another layer over each account. What this means is you log in to Runescape with a user name and password, then you log in to the game separately with your character name.

 

 

 

With this model, your user name is never exposed to other players, so instead of hackers having half the information they need to break in, they have none.

 

 

 

Also, with this model, one player can actually have multiple characters under the one account. This can have some positive and negative aspects, depending upon your point of view in terms of consolidating bill paying and character/player banning.

 

 

 

- Sligo

After learning of what is known as brute force hacking (cracking) devices that work on the basis othat your account be accessed by guessing the pass using a programme that generates passes randomly (though theirs a little more too it than that i hear) and tries them. i have come up with a few ideas to prevent this type of hacking from taking place altogether

 

 

 

Idea one:

 

putting a safety number of failed attempts on an account

 

brute force prgrammmes work by repeatedly getting passes wrong, untill they find the right one, this i guess can probably take ages. but if an attempted log in was failed 20 times in a row, due to an incorrect password then my idea is to bring one of two things into play either the account which is thought to be "being hacked" could be locked completely from access for 20 minutes (at least)

 

Or

 

the user could be asked to identify one of those "computers cant understand these" pictures to ensure that it is a person in controll or other wise the account will be locked for 20 mins or more

 

 

 

also i though it would be usefull for players to be able to set something similar to a temporary ban on their own accounts to freeze them from access by anyone for a time scale set by them say anywhere up to 48 hours. to secure an account from access incase say some one has found a keylogger or that they have been warned before hand.

 

 

 

this is more of an extention to a topic i posted in help and advice forums so check that out if you feel it might enlighten you as to why

 

 

 

feel free to add to this and constructive criticism is always appreciated.

 

 

 

and anyone thinking of calling me a noob, please refer to the noob-tionary below.

 

 

 

thank you

 

 

 

WOOT!!! I like your ideas a lot!!! Send to Jagex if you feel like it.

Temporarily locking an account after too many fails sounds like a good idea.