RuneScape Forum Archive | Password Sophistication

JecaJeca

Posts: 7,471 Rune Posts by user Forum Profile RuneMetrics Profile

Hi everyone. I think it’s long due for password requirements to be more comprehensive. Many websites today require a mix of letters, numbers, and special characters/ uppercase letters.

We have Authenticator and email addresses, but I think the password itself is the most important piece. Simple to guess passwords should not be allowed - it creates too much security risk. Passwords should also be longer than the 6 character minimum on Jagex sites.

Carlyle Group employees have a much stricter password requirement. As a portfolio company within the broader tech space, Jagex should have a large priority on safety and security. On most fronts, Jagex has done a great job with security, but the password itself lacks any sophistication.

I last made a thread about this in 2020. The thread has since been locked, I'm not sure why. This issue is still not resolved. It doesn't take much to make this change. If Jagex can figure out the solution to expanding max cash beyond 2,147M, they can certainly enhance password requirements. It's the right thing to do.

Thanks

"This world is but a canvas to our imagination." -Henry David Thoreau

23-Feb-2023 05:19:56

JecaJeca

Posts: 7,471 Rune Posts by user Forum Profile RuneMetrics Profile

Specifically, at a minimum, Jagex passwords should include:

* Minimum character length of 8-10, vs. current 6
* Requirement for special character OR uppercase letter and ability to use a special character or uppercase letter in passwords

Two simple changes that will make a difference. Minimal impact on player base with huge benefit to player security.

It's 2023 and there are more vulnerabilities in cyberspace. We can do our part here, starting with the basics.

"This world is but a canvas to our imagination." -Henry David Thoreau

23-Feb-2023 05:24:17

May

2003

Tren

Forum Moderator Posts: 92,598 Emerald Posts by user Forum Profile RuneMetrics Profile

Updated password policies are coming with the new Jagex Accounts

Jagex Accounts Closed Beta

https://runescape.wiki/w/Jagex_account

:

Original message details are unavailable.

New password policies:
- The length of the password can variante from 8 to 64 characters
- Password can use all utf-8 characters
- Passwords are checked against dictionaries and an indicator will show the passwords strength

~Tren

Forum issues? ---> See Forum Help
Account issues? ---> See Account Help

23-Feb-2023 08:03:40

Dec

2011

Archaeox

Posts: 53,399 Emerald Posts by user Forum Profile RuneMetrics Profile

It doesn't matter how complex your password is if your computer is compromised when you enter it - which is how most password stealing occurs.

Jagex employs measures to prevent the brute forcing of player passwords.

~~~~ Just another victim of the ambient morality ~~~~

~~ Founder of the Caped Carousers quest cape clan ~~

!! Slava Ukraini - heroyam slava !!

23-Feb-2023 10:25:17

Forums

Password Sophistication

JecaJeca

JecaJeca

Tren

Archaeox