forums.rs

Forums

Bank Pin Weakness

Quick find code: 317-318-904-66277044

Nik btw

Nik btw

Posts: 9 Bronze Posts by user Forum Profile RuneMetrics Profile
Hey all,

I just want to point out a huge weakness I see in the Bank Pin:
You don't need to enter it for

Dropping Items

Stepping into the Wilderness

So, if sou get hacked, the hacker would not need your Bank Pin to at least drop trade your worn/inventory items you logged out with. I think this is a somewhat huge deficit, since you would many times log out in your combat gear which might involve some expensive or hard earned items.

Just wanted to point this out, that there should be more actions you would need your Pin for.

Cheers!

22-Mar-2023 19:56:08

MikeMassacre
Feb Member 2023

MikeMassacre

Posts: 10 Bronze Posts by user Forum Profile RuneMetrics Profile
I see what you're saying, but I think if you have an authenticator and bank your items before logging out on top of doing your due diligence of changing security like PW/PIN every other month or so. You should be just fine. Good Idea tho! :)

22-Mar-2023 21:19:03

Zeffirino
Jan Member 2023

Zeffirino

Posts: 394 Silver Posts by user Forum Profile RuneMetrics Profile
There can never be too much security :P

In all seriousness security concerns like the ones you mentioned are definitely points of concern that assume that someone has already gained access to your account. With the exception of your point about the wilderness since there already is a ditch as well as teleport warnings which have already solved this issue.

It could be good practice to bank your items when you've finished your gameplay for the day as someone mentioned above.

I think one thing Jagex could do is perhaps set a pin-style system up for dropping things based on player input parameters such as the item name or items of a certain value.

23-Mar-2023 02:54:36

Nik btw

Nik btw

Posts: 9 Bronze Posts by user Forum Profile RuneMetrics Profile
Hi Guys,

first, thank you for your positive responses!

To the hint regarding banking items before logging out: yes, I am actually doing this as a habit aswell, but I find it somewhat tedious to always equip everything again when logging in, especially at days off, where I would play multiple times with multiple breaks. So my concern here is more about the QOL of updating this issue.

And no, luckily, in 15 years of playing RS/OSRS with multiple accounts I never got hacked. I always have the highest security standards aswell on my RS Accounts aswell on the related EMail Accounts, but I am very worried about the day this might happen. Over the years I had some ingame friends who suffered huge hacks, clearing billions of worth from their bank or even worse high prestige items from Ironman which can be even more devastating, so I really dont want this to happen to anyone of us.

Have a nice day!

24-Mar-2023 13:36:31

Zeffirino
Jan Member 2023

Zeffirino

Posts: 394 Silver Posts by user Forum Profile RuneMetrics Profile
Nik btw said :
Hi Guys,

first, thank you for your positive responses!

To the hint regarding banking items before logging out: yes, I am actually doing this as a habit aswell, but I find it somewhat tedious to always equip everything again when logging in, especially at days off, where I would play multiple times with multiple breaks. So my concern here is more about the QOL of updating this issue.

And no, luckily, in 15 years of playing RS/OSRS with multiple accounts I never got hacked. I always have the highest security standards aswell on my RS Accounts aswell on the related EMail Accounts, but I am very worried about the day this might happen. Over the years I had some ingame friends who suffered huge hacks, clearing billions of worth from their bank or even worse high prestige items from Ironman which can be even more devastating, so I really dont want this to happen to anyone of us.

Have a nice day!

The best way to reduce the chances of all this is to think of security in layers. So bank pin/authenticators active etc.

Outside of this it's worth ensuring the security of the email address in question as well.

The Jagex accounts will bring a lot of security related issues under one umbrella so if you didn't receive an invite to join the beta already, that'll be an option very soon. :)

26-Mar-2023 05:29:44

Applejuiceaj
Nov
fmod Member
2011

Applejuiceaj

Forum Moderator Posts: 44,957 Sapphire Posts by user Forum Profile RuneMetrics Profile
Bank pins are meant to be the last line of defense for our items - however, at the same time, they are also meant to not hinder our ability to play the game.

For example, if you forget your bank pin and have a 7 day recovery delay on, it shouldn't prevent you from being able to play for 7 days. Instead, its designed in a way that you can continue to train up your account in a limited capacity. If you want to woodcut and bank logs via a deposit box, you can. If you want to train mining by powermining iron, you can - but the proposal here would prevent you from doing that since you wouldn't be able to drop the iron.

At some point, limiting just about everything to requiring a bank pin is basically having it act as a second password to log into the game. There are other security measures that can better handle that, and as was mentioned above, the extra security that Jagex Accounts have built in should be plenty for the bank pin to continue operating as it currently does, especially considering it requires multi-factor authentication to be able to access an account.

I personally also follow the advice others have posted, I bank my gear prior to logging out for the day. That's just something I've gotten into the routine of doing regularly. Once you know where all of your gear is in your bank, regearing only takes a few seconds and you can be back on your way to whatever content you were doing.

26-Mar-2023 17:10:30

Quick find code: 317-318-904-66277044 Back to Top