Forums

Protect User´s Character Names

Quick find code: 278-279-480-66098079

Miles Prower

Miles Prower

Posts: 9,338Rune Posts by user Forum Profile RuneMetrics Profile
Never RIP said:
^ so u want to increase forum security where nothing is at risk by reducing game security?

And it doesn't work anyway.

What if u delete ur auth that is required to enter the game AND (as I think ure suggesting) Will be required to enter Account Settings so u can remove auth??

Ya can't "require auth" to "remove auth".

This idea is a terrible idea. It doesn't work and it reduces actual game security.


Well then most popular services across the internet are currently adopting this "terrible" idea. I would expect game security to remain the same if Authenticator was implemented across the website as well. Please could you explain why this would not be the case?

In the event that you lose your stored Authenticator code for any reason, backup codes and e-mail verification would return access to your account with no manual Customer Support required. Phone verification for account recovery would also be a massive leap forward.

For the vast majority of players, the Authenticator in its current state is protecting their in-game position and inventory. Their bank is also protected if they choose not to have a PIN in favour of Authenticator. More sensitive data (such as personal details and messages from Jagex) is not currently protected by more than a password layer.
Low on bank space? Click here.

12-May-2019 18:48:11

Miles Prower

Miles Prower

Posts: 9,338Rune Posts by user Forum Profile RuneMetrics Profile
Never RIP said:
^ because i use my phone for forums and my computer for game. That's two access points for hackers.


Please could you elaborate?

Never RIP said:
But how would u get into account security in order to request the email to disable auth, if auth is required to enter Account security?


You would follow the normal account recovery process via e-mail just as you can now even if Authenticator is enabled. The e-mail account you are linking to your Jagex account should also be secured using similar methods.

Never RIP said:
I completely disagree that messages from jagex are "more sensitive " than access to my in game bank account. In fact, I would post all jagex interactions in my message centre to a public "try to hack me" forum. There is no personal data imo.


You may have no sensitive data in your inbox. People contact Jagex for different reasons such as for Billing enquiries. Your in-game items do not contain any PID.

Never RIP said:
Also, currently, I have auth on my phone and emails on my computer... I don't want them together in case I lose one or the other. I dont want any of my divices to have my user name, email, passwords, and auth all saved in one device in order to protect my user name, at the risk of l doing my actual in game security.


A robust recovery process offering you multiple ways to verify yourself would address these concerns. This is why companies using Authenticator usually give you a set of backup codes - and it's up to the user whether they wish to save them or not.

Never RIP said:
Furthermore, I suggested a solution for OP. Delete "change name" option in account security. Only allow name changes in game.


While you are correct that this would mitigate this particular concern, it comes at the expense of convenience.
Low on bank space? Click here.

13-May-2019 07:52:54

Miles Prower

Miles Prower

Posts: 9,338Rune Posts by user Forum Profile RuneMetrics Profile
Never RIP said:
^ id rather not get too far off topic.

But there's the correct way to remove auth and that is log in to account settings and click remove auth. And then there's the nooby way which is account recovery - please don't force us all to be a noob like u r trying to do..


In that case I shall continue to support the "nooby way" and remain of the opinion that this would be the best way to protect against unwanted character name changes via the website. ^_^
Low on bank space? Click here.

14-May-2019 17:39:03

Quick find code: 278-279-480-66098079Back to Top