Forums

RuneScape Authenticator & JAG

Quick find code: 294-295-312-65407796

of 21
ModáWilliam

ModáWilliam

Jagex Moderator Forum Profile Posts by user

RuneScape Authenticator & JAG

Weĺve seen an incredible response to the introduction of RuneScape Authenticator - the new and simpler way to secure your RuneScape account - with over 25,000 signups on the first day.

We introduced RuneScape Authenticator as JAG was underused and complex ľ in reality, only 22% of active players were protected by it. In addition, RuneScape Customer Support received 354 queries in regards to JAG issues last week - and just under 17,000 requests regarding JAG over the course of a year.

Authenticator is a safer, more straightforward solution to account security. You no longer need to wait for an email or answer security questions each time you log in. All you need is a code from your Authenticator.

We previously stated that JAG would be disabled later this summer, however, some players have expressed concerns over the new way to secure their account.

We have taken your feedback on board, in particular from those of you without smartphones. With this in mind, JAG will be sticking around for the time being, for use by accounts who have already set it up. It will be reviewed at a later date.

We still recommend that all users upgrade to Authenticator as soon as possible. To ensure the highest levels of account security, some future RuneScape features will only be available to those who have enabled RuneScape Authenticator.

Any new accounts or accounts that do not currently have JAG enabled will only have access to RuneScape Authenticator for an additional layer of security.

If you choose to remove JAG from your account, or you contact our Customer Service team and they need to disable it to help you gain access to your account, you will not be able to reactivate it. You will still be able to secure your account using the RuneScape Authenticator.

To keep your account safe, always remember the golden rule: if it sounds too good to be true, it probably is. Never use your RuneScape password anywhere else ľ especially not for your email account. Every password you use should be unique, and never shared with anyone, even family members. For more security tips, take a read through the Safety Centre.

If you want a little more information on how RuneScape Authenticator works and how it can keep your account protected, take a look at our Authenticator launch news post.

The RuneScape Team

26-Jun-2014 10:56:37 - Last edited on 26-Jun-2014 10:56:57 by ModáWilliam

Varcarus

Varcarus

Posts: 5,032Rune Posts by user Forum Profile RuneMetrics Profile
So happy to hear that JAG will be sticking around :)

- The
ZAROISAN

ZAROS is back, Look BUSY!
-
Vyrelord
of Vamp**ium

"I will follow Vanescula till the end! Hissss!"
I lurk on twitter! @Vyrelord - Come say hi!

26-Jun-2014 11:52:03

Ferenc2017
Oct Member 2011

Ferenc2017

Posts: 9,570Rune Posts by user Forum Profile RuneMetrics Profile
This is great news!

A big ty from me and all the supporters!

2 things i would like to see for the authenticator to make it as safe as JAG is are, give it the security questions back. You will only need them when you activate the authenticator on a device or when you want to remove it.

To make them easier to remember, let us make or own questions and recommend people to write it down on a piece of paper (Not on your computer!)

And what about giving players a small reward when they activate authenticator like you did the the email register.

On this way much more people will have a secured account!

Ty for listening to the community :D!

Ferenc2017 :)
Ferenc2017
-
The Gamebreaker
:) Raise max cash! Click here to support!

26-Jun-2014 11:57:09 - Last edited on 26-Jun-2014 12:04:47 by Ferenc2017

Proselyte
Nov Gold Premier Club Member 2012

Proselyte

Posts: 120Iron Posts by user Forum Profile RuneMetrics Profile
Could you explain how

şşAuthenticator is a safer, more straightforward solution to account securityşş

While Authenticator is a very good system and it should suffice, it's weaker than JAG. If you have JAG, an attacker would need your secret word, access to your email account AND your recovery questions. With Authenticator, having your secret word and access to your email account is enough since they can reset Authenticator through your email.

If your email account is compromised, then JAG still (somewhat) protects you by the security questions, while with Authenticator your account is done for. How is it more secure?

Of course we should have 2-factor authentication on our emails, and if we do, Authenticator is great and I think replacing JAG is a great idea but we should be accurate in what we say :p

26-Jun-2014 11:59:47 - Last edited on 26-Jun-2014 12:04:46 by Proselyte

MisteráRuse
Jan Gold Premier Club Member 2010

MisteráRuse

Posts: 2,278Mithril Posts by user Forum Profile RuneMetrics Profile
Tip to any of those without smartphones: Get the windows authenticator app winauth (or equivalent for non windows) and either put it on a usb stick or on a cloud service such as dropbox, you can then use it on any pc without needing a smartphone.

Btw is there any problem with having both Auth and JAG enabled at once? I just left JAG on when I set up Auth cause I thought why not :P

@ Proselyte Ko

They say it's more secure because in theory you need your phone to log in, where with JAG they could in theory guess your questions, but you're right in the sense that if they get access to your email, with JAG they still need to guess your questions, but with Auth they can just disable it.

The ease in which you can disable it is a little concerning and maybe they should make you need to answer questions in order to disable it. The problem is I think the point is they want to move away from questions because they're so easy to forget and it probably takes a lot of their customer service time.

26-Jun-2014 12:02:49 - Last edited on 26-Jun-2014 12:08:58 by MisteráRuse

Jamzi
Jul Gold Premier Club Member 2016

Jamzi

Posts: 2,255Mithril Posts by user Forum Profile RuneMetrics Profile
Varcarus said:
So happy to hear that JAG will be sticking around :)

- The
ZAROISAN

ZAROS is back, Look BUSY!


JAG will be sticking around for the time being

26-Jun-2014 12:10:56 - Last edited on 26-Jun-2014 12:11:51 by Jamzi

Varcarus

Varcarus

Posts: 5,032Rune Posts by user Forum Profile RuneMetrics Profile
Jamzi said:
boooo......just get rid of JAG.


So hackers can have a cakewalk with accounts? HAH NTY...

- The
ZAROISAN

ZAROS is back, Look BUSY!
-
Vyrelord
of Vamp**ium

"I will follow Vanescula till the end! Hissss!"
I lurk on twitter! @Vyrelord - Come say hi!

26-Jun-2014 12:45:45

ModáRascasse

ModáRascasse

Jagex Moderator Forum Profile Posts by user
MisteráRuse said:

Btw is there any problem with having both Auth and JAG enabled at once? I just left JAG on when I set up Auth cause I thought why not :P


No, both will work together but you'll probably find it becomes quite annoying to have to wait for the JAG email, answer all your security questions and then also enter the code from your code generator app.
Mod Rascasse - Web Producer

26-Jun-2014 13:05:15

SpringFest
Sep Gold Premier Club Member 2011

SpringFest

Posts: 9,178Rune Posts by user Forum Profile RuneMetrics Profile
ModáRascasse said:
MisteráRuse said:

Btw is there any problem with having both Auth and JAG enabled at once? I just left JAG on when I set up Auth cause I thought why not :P


No, both will work together but you'll probably find it becomes quite annoying to have to wait for the JAG email, answer all your security questions and then also enter the code from your code generator app.


So we can do both at once? :D

But I have my JAG set as perm would that be a problem?

I wouldn't mind having both set as once.
*~War Tortoise
:(

26-Jun-2014 13:14:30

Quick find code: 294-295-312-65407796Back to Top