RuneScape Forum Archive | RuneScape Authenticator

Oct

2008

Spocko7

Posts: 825 Gold Posts by user Forum Profile RuneMetrics Profile

Of greed and corruption we are all too aware
It's happening in your suburb and the big World out there
Many in high places into corporate crime
And more honorable than them in jail serving time
On the scales of justice one must cast a doubt
Big time corporate crimes seldom ever caught out
Money speaks every language some are known to say
In the twenty first century it does seem that way
Of greed and corruption the whispers abound
Amongst influential people criminals to be found
To buy their way out of trouble they seldom do fail
The power of their money can keep them from jail
And of greed and corruption we hear every day
Whoever did tell us that crime does not pay?

you can include yourselfs to the list greedex

24-Jun-2014 00:05:10

Jadzi1

Posts: 199 Iron Posts by user Forum Profile RuneMetrics Profile

Hoppeeee said :
Jadzi1 said :

What if I have my authenticator on my comp at home, and I try to play somewhere else, at a friend for example ? How can I get the code when it changes in every 30 seconds ? It's not something I can remember, since it keeps changing.

And your other argument, that we still have our normal pass to protect us...that was the point of adding bonus security, that our pass is not considered safe enough. With JAG, if someone somehow got your pass, still couldn't use your account since it could only be reached from trusted computer. Now if the hacker gets your pass, and gets your email too (which is very likely, much easier than to get the RS pass), he can turn off the authenticator in a sec and boom, your account is gone forever. The authenticator is much much less safe than JAG, since JAG required the hacker to physically sit at your trusted comp which was very unlikely.

18. What if I don’t have my authentication device on me?

If you are trying to login from a new PC but do not have your device with you, simply click on the ‘disable authenticator’ link on screen and an email will be sent to your registered email containing a link to disable the authenticator. With the authenticator disabled, you’ll be able to access your account, but we strongly recommend that you re-enable the authenticator when you get your device back.

Yeah. Great advice from Jagex. So I'm on another computer, not my own, I don't know how secure it is, and now I should not only type my RS pass, but my email pass too AND disable the bonus security feature ? Okay, I'm totally convinced, this is totally safe and much better than JAG. Lol.

24-Jun-2014 00:07:22 - Last edited on 24-Jun-2014 00:10:13 by Jadzi1

Dec

2018

NZ Sheeps

Posts: 10,342 Opal Posts by user Forum Profile RuneMetrics Profile

From the Wiki:

If somebody knows your RuneScape ********, you can reset it almost instantly with your email address and keep the account in your possession. Your email address acts as a self-help tool to return you to the game as quickly as possible.

From the Authenticator FAQ:

If you are trying to login from a new PC but do not have your device with you, simply click on the ‘disable authenticator’ link on screen and an email will be sent to your registered email containing a link to disable the authenticator. With the authenticator disabled, you’ll be able to access your account, but we strongly recommend that you re-enable the authenticator when you get your device back.

So if your email is compromised they can reset your ******** AND disable the security?

24-Jun-2014 00:08:51

Hoppeeee

Posts: 1,540 Mithril Posts by user Forum Profile RuneMetrics Profile

Jadzi1 said :

Yeah. Great advice from Jagex. So I'm on another computer, not my own, I don't know how secure it is, and now I should not only type my RS pass, but my email pass too AND disable the bonus security feature ? Okay, I'm totally convinced, this is totally safe and much better than JAG. Lol.

Hopefully, you won't be playing Runescape on insecure computers in the first place!

But yes, there are some things that need to be worked out, for sure.

24-Jun-2014 00:16:09 - Last edited on 24-Jun-2014 00:16:40 by Hoppeeee

Amazryk

Posts: 333 Silver Posts by user Forum Profile RuneMetrics Profile

Keep JAG.

Forget this authenticator.

While immediate thoughts make it seem safer, it definitely is not. Right now, to access my account, a hacker must sit at my computer and know my RS pass. If someone has accessed my home, the LAST THING they are probably thinking about is logging into RS. If, for some ungodly reason, the burglar decides to sit down and hack my account, they would still need my RS pass and bank pin to do any real damage.

With this authenticator, I need to download more stuff to my computer, in order to generate a code, that I will then have to enter, just so that you're game recognizes my computer. The code will be sent to me by email and only lasts for 30 days. Sounds like it would be a lot harder to access my character, right?

Wrong.

I, like most people, have my computer recognized by my email provider for constant access to my messages. In the same scenario as above, a burglar enters, sits at my computer (which is already recognized by you for 30 days), and still has to do the same thing as with JAG... figure out my RS pass and pin.

However, all the burglar need do to gain access is request another code, open my email, and enter it from his own computer. Now he has 30 days to figure out my RS pass and pin. Sounds like a step backward in security to me.

24-Jun-2014 00:28:12

Nov

2023

darko18

Posts: 3 Bronze Posts by user Forum Profile RuneMetrics Profile

if u want to secure it with phone try it like facebook just use number of u phone then u get coden en use it to open ure page that more easy its the same

24-Jun-2014 00:36:21

Mar

2007

LeAnne

Posts: 341 Silver Posts by user Forum Profile RuneMetrics Profile

I still think you shouldn't disable JAG. However, I will say I'm more impressed with the authenticator than I was. It's really nice that we can use it with a flash drive... and for those with phones and tablets, it's nice to be able to use those. Give people an option to remove JAG if they want to use the authenticator instead, but it really should be kept around because there are still security holes. I would like to have both active.

24-Jun-2014 00:41:37

Apr

2020

Great Nonna

Posts: 2,697 Adamant Posts by user Forum Profile RuneMetrics Profile

OMG I read so many posts and I think to many questions and no many answers . I am a bit upset about this. A fun game and relaxing is getting to be big pain. I also like many do not have a modern phone and can not buy one I'm lucky I can keep my monthly payments. I have been a member so long and I might have to consider on quitting. I think in the long run I will be saving. You have to consider not all have a job if a job at all. Sorry if I sound harsh but JAGEX you put many in a spot . I wish all the best and those that can do this I'm happy .I will play with out and security I guess till JAGEX comes up with another fantastic idea.

24-Jun-2014 00:43:47

Hoppeeee

Posts: 1,540 Mithril Posts by user Forum Profile RuneMetrics Profile

LeAnne said :
I still think you shouldn't disable JAG. However, I will say I'm more impressed with the authenticator than I was. It's really nice that we can use it with a flash drive... and for those with phones and tablets, it's nice to be able to use those. Give people an option to remove JAG if they want to use the authenticator instead, but it really should be kept around because there are still security holes. I would like to have both active.

Until the security holes are figured out, I'm with you here.

24-Jun-2014 00:52:54

Feb

2010

Oenothera

Posts: 4,527 Adamant Posts by user Forum Profile RuneMetrics Profile

Do not want.

24-Jun-2014 01:26:45

Forums

RuneScape Authenticator