forums.rs

Forums

[Bug] password insensitive

Quick find code: 278-279-683-66176279

jon dinner
Jul Member 2020

jon dinner

Posts: 56 Iron Posts by user Forum Profile RuneMetrics Profile
hello

When i login to osrs app or web browser i have tested in Chrome that it does not matter whether i type my password with the correct case (lower / Capital) or not it authorises my login attempt. This seems like a big security problem to me. Please be advised.

21-Aug-2020 13:26:07

Varpushaukka

Varpushaukka

Posts: 503 Steel Posts by user Forum Profile RuneMetrics Profile
It seems to be a company-wide issue that applies to all the places you can log into, and it's also been brought up so many times in the past, that at this point I wouldn't call it a bug anymore; it's either incompetence or negligence, apply whichever is holding them back on changing it. :P
Sparrowhawk (UIM)
. . . .
TLVL: 1775 / 2277
. . . .
# of 99's: 4 / 23
. . . .
QP: 218 / 279

21-Aug-2020 15:36:21

Tranq
Nov
fmod Member
2007

Tranq

Forum Moderator Posts: 61,815 Emerald Posts by user Forum Profile RuneMetrics Profile
The passwords have never been case sensitive here on runescape. You can't really brute force passwords as you get locked out after a few attempts. The security link you have to worry about is your registered email address. That is typically the weakest link in the security chain. Unless of course you tell someone your login details.
When the day becomes the night and the sky becomes the sea, when the clock strikes heavy and there’s no time for tea; and in our darkest hour, before my final rhyme, she will come back home to Wonderland and turn back the hands of time.

21-Aug-2020 16:57:08

Quick find code: 278-279-683-66176279 Back to Top