Forums

A message from Player Support

Quick find code: 259-260-147-66091039

Sep 2023

H Rassy

Posts: 17,469 Opal Posts by user Forum Profile RuneMetrics Profile

Hi,

i just saw this newspost but I could not find the apropiate forum to give feedback on this newspost.
In the newspost jagex said they would watch the responses from all players on reddit and on this forum,they should have linked to the apropiate forum but I hope this message gets through to the right mod anyway. If someone has link to the right forum then pls post it.

I would like to voice my concern about recovering accounts. In the post it seems as if they want to make it easier to recover an account,this worries me a lot because in the past there have been several storys of people who lost their account due to it being reclaimed via recover account by a malicious person. (which was reason for me to still not register my email address with jagex)
Imo runescape security is perfect,you have the password and then there is the authenticator as wel for those who want that. How is this not 100% safe I don't see.
I don't mind if they upgrade security but only if it truly is an upgrade and not an actual downgrade giving more options to people to get into your account. So pls take good care of this when making the update.

22-Mar-2019 00:46:17

Zparanoid

Posts: 3,945 Adamant Posts by user Forum Profile RuneMetrics Profile

Spurious recovery is indeed one of the weak links in the account security chain. Insufficient checks that the recoverer is indeed the account creator. It should require more than just an email address, because email addresses can become comprimised by so many means. Once a hijacker has gotten a fake recovery request accepted once, it can sometimes be difficult to prevent them from gaining further fake recoveries on the same account.

23-Mar-2019 22:04:34 - Last edited on 23-Mar-2019 22:05:10 by Zparanoid

Quick find code: 259-260-147-66091039 Back to Top