Login Pin + Screenshot Logger Protection -New RSOF Thread-

[REDACTED]

Please here me out, Oh, and I do support, I am just telling you another hackers method of trade

 

 

 

Right, well this idea, 10/10, Its great and will add security.... But only for a keylogger.

 

 

 

 

 

Some if not most Trojans out there allows the hacker to see live (depending on connection speed) what their victim is doing. So they can see where they place the mouse and click on the screen, thus, work out the pin in just the same amount of time it took the victim to enter it.

 

 

 

Although the deployment of Trojans isn't normally used, I know of cases where it has, And if this idea does get added to the game, then sooner or later you will see a rise in "Account stolen by Trojan incidences"

 

 

 

 

 

Please friends, don't think I am bashing you're idea, no, I am all for it, I am simply telling you another method which could/would be used to bypass it, and maybe with your clever thinking you will be able to find a fix for that :D

[D. V. Devnull]

Some if not most Trojans out there allows the hacker to see live (depending on connection speed) what their victim is doing. So they can see where they place the mouse and click on the screen, thus, work out the pin in just the same amount of time it took the victim to enter it.

 

 

 

Although the deployment of Trojans isn't normally used, I know of cases where it has, And if this idea does get added to the game, then sooner or later you will see a rise in "Account stolen by Trojan incidences"

 

If this happens, then it means that someone wasn't taking good care of their computer and also wasn't taking the time to keep it secure. Shame on the person for failing to study and implement their "Computer Security 101" guides. They should not be trying to complain at Jagex, as it was not Jagex's failure, but the failure of the PC's user. :shame:

 

 

 

~Mr. D. V. Devnull

[gg_kk90]

thats a great idea! i support!

[REDACTED]

 

If this happens, then it means that someone wasn't taking good care of their computer and also wasn't taking the time to keep it secure. Shame on the person for failing to study and implement their "Computer Security 101" guides. They should not be trying to complain at Jagex, as it was not Jagex's failure, but the failure of the PC's user. :shame:

 

 

 

~Mr. D. V. Devnull

 

 

 

Well it is also the Users fault if they go and get a keylogger on their machine. So in a sense you are saying they shouldn't be complaining either?

[D. V. Devnull]

 

If this happens, then it means that someone wasn't taking good care of their computer and also wasn't taking the time to keep it secure. Shame on the person for failing to study and implement their "Computer Security 101" guides. They should not be trying to complain at Jagex, as it was not Jagex's failure, but the failure of the PC's user. :shame:

 

Well it is also the Users fault if they go and get a keylogger on their machine. So in a sense you are saying they shouldn't be complaining either?

 

Not at Jagex, anyway. If they want to complain anyway to anyone, they need to first be willing to admit their fault, which is in their failure to have a proper security policy.

 

 

 

Second off, if they have any kind of proper security policy, then incoming adverts in web pages are blocked anyway, keeping the system clear of most exploits. This automatically leaves Jagex not at fault, being as any malicious code is blocked. 8-)

 

 

 

~Mr. D. V. Devnull

[Shahrazad]

Very nice and clever idea =D>.

 

That would reduce the possibility of accounts being hacked.

 

 

 

I support :.

[Knight_Zaros]

Especially now, you might as well cause you HAVE to imput your pin pretty much if your playing at all. Using ur house, bank, ge, etc. all require your pin. Might as well make it on login. The only point i would see this as a inconvience would be when training say combat, where I'd likely logout multiple times throughout long training sessions.

 

 

 

If you could make it like a toggle option between pin at login and at bank that be sweet.

[Captainkidd]

I support, we need more protection, this would make it almost impossible for someone to hack you and do damage to your account.

[D. V. Devnull]

I support, we need more protection, this would make it almost impossible for someone to hack you and do damage to your account.

 

That's what I think the author of the thread's beginning was thinking, and is what flashed through my mind when I first came to support this. Glad to see the same thing crossed your mind. :D

 

 

 

~Mr. Devnull

[Singh]

I support!

[Crimsoncow42]

Half of page 16 and all of page 17 were lost :(

 

I was able to salvage page 18 through google.

 

 

 

Page 18 before loss of posts:

 

[hide=]

From page 2...

 

 

 

they already have something like that. Its called a password!!!!! If some one has hacked your computer and found out your password, they would probably know the pin too. or they would just guess a 4 letter combination until they found it.

 

 

 

P.S. This is also the second worst suggestion ever. The holiday item shop comes in first.

 

Do you have any idea how many possible combinations there are for a 4 number pin? Millions. Good luck guessing that.

 

 

 

The password is the not the same idea as this. It's an extra security barrier, and I'm guessing it would be different than the bank pin, although and extra thing to remember it would definitely help security. It's a simple idea that could definitely help.

 

 

 

Cons... If someone installs Spyware on your computer, it's likely they will find out this Pin number as well.

 

 

 

Really the most effective way to keep your account safe is to stay away from any suspicious Runescape sites, and only use your Runescape password for Runescape.

 

Actually, it would not be millions of combinations. Ten to the fourth power is 10,000. It is very easy to run through the combinations if someone tried one combination every 10 seconds. For a hacker, 27 hours, 46 minutes, and 40 seconds is not very long. So, your statement about there being millions of combinations is falsified and it would only take a period of two days to hack your account with a keylogger on your computer.

 

 

 

Yes, I support the idea, but I just want to point out to you that it would not take very long for a hacker to try every possible PIN combination.

 

 

 

hot_mountain wrote:

 

"That is 24/7 screen recording, even WITH low video quality, it would be a big big mess to send those extremely large video files over the internet."

 

 

 

This would also probably discourage many would-be keyloggers and be a real pain for those that actually did it.

 

 

 

That's what I happened to be telling afatbomba, seeing as a keylogger with constant video recording would bog down a PC, and would effectively alert a user that their PC is not running right. Razz

 

 

 

Glad to have your voice in on it, though. Smile

 

 

 

~D. V. Devnull

 

What I meant was that the large video files would be a pain for the person that does the actual keylogging, as it would also slow the "hacker's" computer down as well, making it even more undesirable to attempt in the first place. Smile

 

 

 

P.S.

 

Thanks for all your support.

 

 

 

 

Actually, it would not be millions of combinations. Ten to the fourth power is 10,000. It is very easy to run through the combinations if someone tried one combination every 10 seconds. For a hacker, 27 hours, 46 minutes, and 40 seconds is not very long. So, your statement about there being millions of combinations is falsified and it would only take a period of two days to hack your account with a keylogger on your computer.

 

 

 

Yes, I support the idea, but I just want to point out to you that it would not take very long for a hacker to try every possible PIN combination.

 

If I was a hacker, I wouldn't spend more than a day on a single account. The hacker would still have to break through the password as well. There would also be a 15min limit for 3 pin # inputs similar to the the one Jagex already has set up.

 

This idea is better than the bank pin.

 

 

 

IF you do get your pass stolen they can't get on your account and drop what your wearing.

 

 

 

And you can bank as usual.

 

 

 

It's like a souped up bank pin, lol.

 

This is just like the chibi MMO Maple Story, where you're forced to enter a 4-number PIN right after you enter your password.

 

 

 

Except...Maple Story sucks. And with this suggestion, you can turn it off and on. If they're gonna do this, they NEED to do it at the registration page too. (Shouldv'e done that when autoers were around )

 

 

 

I support this idea 100%.

 

A few posters have mentioned that there is less of a need for this kind of security since "you can't drop trade", and people have replied "but they can still just drop your stuff and/or kill you if they're mad."

 

 

 

But how about if you log off wearing an amulet of fury, and log back in to find 20K unstrung maple longbows in your inventory, and no fury? Someone can still steal your items, even with trade limits.

 

 

 

Because I would use this option, I support it.

 

 

 

And to all those who don't support it because "it won't work in every case" or "it would be annoying" or "it's not necessary (just don't get a keylogger)", I say; WTF? It's an option. Just support it already, and forget about it if you don't want to use it.

 

Hey... what about this...

 

 

 

Someone said that there are keyloggers that take screenshots when you click. Well, what if ALL the PIN numbers would dissappear when you move your mouse on them?

 

 

 

For example.

 

 

 

[1][5][2][4]

 

[3][0][9]

 

[6][7][8]

 

 

 

Now, let's say your PIN number's first number is 0. You see that it is in the middle, and memorise it.

 

 

 

Then, when you move your mouse over any of these buttons, this happens..

 

 

 

[ ][ ][ ][ ]

 

[ ][ ][ ]

 

[ ][ ][ ]

 

 

 

So, when you click and the keylogger sends the screenshot to the hacker, it will have absolutely nothing informative on it! Just 10 empty red squares and your mouse!

 

 

 

But why is this better than the one where the numbers dissappear while clicking?

 

 

 

There is a risk that the logger takes the screenshot before the numbers dissappear. Using this there would be no risk at all!

 

 

 

What do you think about this?

 

 

 

Oh, and you can add me as a supporter.

 

154 supporters now Very Happy

 

i support

 

 

Hey... what about this...

 

 

 

Someone said that there are keyloggers that take screenshots when you click. Well, what if ALL the PIN numbers would dissappear when you move your mouse on them?

 

 

 

For example.

 

 

 

[1][5][2][4]

 

[3][0][9]

 

[6][7][8]

 

 

 

Now, let's say your PIN number's first number is 0. You see that it is in the middle, and memorise it.

 

 

 

Then, when you move your mouse over any of these buttons, this happens..

 

 

 

[ ][ ][ ][ ]

 

[ ][ ][ ]

 

[ ][ ][ ]

 

 

 

So, when you click and the keylogger sends the screenshot to the hacker, it will have absolutely nothing informative on it! Just 10 empty red squares and your mouse!

 

 

 

But why is this better than the one where the numbers dissappear while clicking?

 

 

 

There is a risk that the logger takes the screenshot before the numbers dissappear. Using this there would be no risk at all!

 

 

 

What do you think about this?

 

 

 

Oh, and you can add me as a supporter.

 

This is a very good suggestion but unfortunately it has been suggested before. However, you have explained it much better and have given the direct effects. Putting it on the front page.

 

 

 

Thanks for everyone's continued support.

[/hide]

[D. V. Devnull]

Now if only you could pack that in "hide" tags... Oh well... Good luck to all of us supporters on this resume of the thread.

 

 

 

~Mr. D. V. Devnull

[Crimsoncow42]

bump

[Promise]

Or, just use the pin system correctly and keep your valuables in the bank. It isn't too hard to click a few times then deposit it in your bank. I don't see why Jagex needs to take such extreme measures for people's laziness in the first place. Just put your stuff in your bank and your set, long as you have a pin ofcourse.

[D. V. Devnull]

Or, just use the pin system correctly and keep your valuables in the bank. It isn't too hard to click a few times then deposit it in your bank. I don't see why Jagex needs to take such extreme measures for people's laziness in the first place. Just put your stuff in your bank and your set, long as you have a pin ofcourse.

 

This idea isn't meant to foster laziness, and it is offensive that you took it that way. :x

 

 

 

So that you may understand it better, this idea is for all those people whose banks are so full that they can't just put their equips in the bank at night... Think along the lines of a situation similar to what could have happened with the Grand Exchange & Trading, had Jagex not put a PIN on that! Now do you get the idea? What this idea aims to do is to lay a defensive layer on accounts that should have been in place right from the start, and NEVER dismissed as "unimportant or useless". :-s

 

 

 

Seriously, what would you do if, for example, you were a user who trained everything and kept well-stocked for emergencies? Would you allow yourself to be lazy and make the mistake of dumping something you might want and/or need later, just because you were scared of hackers? Or would you rather the game's security was made better so you could train without fear of a hacker coming along and destroying all your hard work? I think you'd prefer all your work was safely away from the clutches of a hacker! \

 

 

 

 

 

Hopefully, I've now made a supporter out of you. 8-)

 

 

 

~Mr. D. V. Devnull

[Crimsoncow42]

Or, just use the pin system correctly and keep your valuables in the bank. It isn't too hard to click a few times then deposit it in your bank. I don't see why Jagex needs to take such extreme measures for people's laziness in the first place. Just put your stuff in your bank and your set, long as you have a pin ofcourse.

 

 

 

This idea evolved from the idea that a person's inventory and what he was wearing wasn't protected by the bank pin. A person might have to leave unexpectedly or is training in a secluded area far from a bank.

[D. V. Devnull]

Or, just use the pin system correctly and keep your valuables in the bank. It isn't too hard to click a few times then deposit it in your bank. I don't see why Jagex needs to take such extreme measures for people's laziness in the first place. Just put your stuff in your bank and your set, long as you have a pin ofcourse.

 

This idea evolved from the idea that a person's inventory and what he was wearing wasn't protected by the bank pin. A person might have to leave unexpectedly or is training in a secluded area far from a bank.

 

Expanding on what Crimsoncow42 said....... Imagine if you DID have to go unexpectedly, you were very far from a bank, and didn't have time to bank... Would you really want there to be a chance that you'd come back later, and find that all your valuables were gone and you were in Lumbridge, because a hacker murdered your character?

 

 

 

Personally, I don't think you'd want that happening. I think you'd want to be able to come back, even if you had to tap in your PIN along with your RS username and pass, and find that you could resume because your stuff happened to remain safe. :

 

 

 

TBH, it would be laziness to be against this idea. Gee, aren't you against laziness, 'Promise'??? You sure did a nice job contradicting yourself. :shame:

 

 

 

~Mr. D. V. Devnull

[Crimsoncow42]

bump

[D. V. Devnull]

bump

 

This is just a friendly reminder... Please be more constructive with your bumps. Ask a question, or pose a thought-causing note. Why, you ask? Because if a new possible supporter comes by, and only sees "bump" at the end of the stack of posts, they're more likely to be turned off than they would be to support. :-k

 

 

 

~Mr. D. V. Devnull

[Crimsoncow42]

The login pin was inspired by the need to protect one's inventory and what that person was wearing. Would you guys like a pin for inventories instead of logging in?

[D. V. Devnull]

The login pin was inspired by the need to protect one's inventory and what that person was wearing. Would you guys like a pin for inventories instead of logging in?

 

Crimson, the "PIN requirement @ Login" is the best idea. Let's say a user logs out in Wildi (...heaven forbid, but it could happen...) and has some of their best stuff equipped. Would they really want to find out they're in Lumby next, minus all their stuff, just because someone got a hold of their pass? I know I wouldn't. I'd prefer that there was a pin preventing other people from logging into my account! :ugeek:

 

 

 

~Mr. D. V. Devnull

[Pharanoid]

For if you're switching world, and you get the message:

 

You only just left another world, please wait, blabla..

 

If you wait for that, you can already enter your PIN!!

 

 

 

:thumbsup:

 

 

 

Great suggestion, I support!

[Crimsoncow42]

Please remember that it is optional and can be turned off at anytime.

[Guest]

support :thumbup:

[Uninstall]

I support :thumbup: even though i will never use it ;)