forums.rs

Forums

Two-factor Authentication

Quick find code: 380-381-62-65435576

of 26
Shiroyasha

Shiroyasha

Posts: 112 Iron Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
Original message details are unavailable.
I have a question regarding the desktop application for this. I used the latest stable version (ver 3.0.21) and I used Google authentication (in WinAuth) to use the QR code. This all worked fine and I am able to login on Oldschool again (after it asked for a code which Winauth gave me). So I think it's setup correctly for this computer but I don't understand how it works from here.

What if my current computer doesn't work anymore? How does it work when I want to login from another computer?

You can disable the authenticator - From the FAQ

If you are trying to login from a new PC but do not have your device with you, simply click on the ‘disable authenticator’ link on screen and an email will be sent to your registered email containing a link to disable the authenticator. With the authenticator disabled, you’ll be able to access your account, but we strongly recommend that you re-enable the authenticator when you get your device back.



So what you're telling me is, unlike JAG that you have to answer 5 of your questions correctly to disable it, you can just go into your email and "disable" it without having to do anything? Not even having to provide any information at all, you can just click "disable" and confirm it in email. I don't see how this is secure, if someone gets your email with JAG you're more secured with that than this authenticator thing. I think it'd be a good idea to just keep JAG and add-in the authenticator instead of taking it off or at least make it so that you have to do something, besides going to your email, to disable it. At least some type of security question like your typical "what was your first dog's name".

23-Jun-2014 18:31:28

Wee Lamm
Jun Member 2020

Wee Lamm

Posts: 1,272 Mithril Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
Instead of diddling around with smart phone apps, please make it so I can log in and world switch.

If you add your computer to the "trusted devices" list, it shouldn't ask for the code again unless you close your browser/game client, or after the 30 day expiration.

23-Jun-2014 18:32:25

C0BB

C0BB

Posts: 82 Iron Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
Original message details are unavailable.
Original message details are unavailable.
I have a question regarding the desktop application for this. I used the latest stable version (ver 3.0.21) and I used Google authentication (in WinAuth) to use the QR code. This all worked fine and I am able to login on Oldschool again (after it asked for a code which Winauth gave me). So I think it's setup correctly for this computer but I don't understand how it works from here.

What if my current computer doesn't work anymore? How does it work when I want to login from another computer?

You can disable the authenticator - From the FAQ

If you are trying to login from a new PC but do not have your device with you, simply click on the ‘disable authenticator’ link on screen and an email will be sent to your registered email containing a link to disable the authenticator. With the authenticator disabled, you’ll be able to access your account, but we strongly recommend that you re-enable the authenticator when you get your device back.



So what you're telling me is, unlike JAG that you have to answer 5 of your questions correctly to disable it, you can just go into your email and "disable" it without having to do anything? Not even having to provide any information at all, you can just click "disable" and confirm it in email. I don't see how this is secure, if someone gets your email with JAG you're more secured with that than this authenticator thing. I think it'd be a good idea to just keep JAG and add-in the authenticator instead of taking it off or at least make it so that you have to do something, besides going to your email, to disable it. At least some type of security question like your typical "what was your first dog's name".

Just keep your email secure, it's really not difficult. Use something like Gmail that has further 2-step and you'll be fine

23-Jun-2014 18:37:54

Shiroyasha

Shiroyasha

Posts: 112 Iron Posts by user Forum Profile RuneMetrics Profile
1 more thing, so if I have more than one account, because I play like 3 or 4 different accounts, am I able to use the same authenticator thing on my 3 or 4 other accounts or do I have to use 4 different phones? assuming you can't use the same phone more than once.

23-Jun-2014 18:43:47

Wee Lamm
Jun Member 2020

Wee Lamm

Posts: 1,272 Mithril Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
I think its an interesting approach to protecting one's account and I am participating in it. It is not much of a hassle since all you have to do is enter in a code every 30 days.

I will add that this technology is more like a digital thumb print and reduces the wait time of having a Jagex Mod look up your account information to verify you have answered the 5 questions correctly.

23-Jun-2014 18:44:49

Wee Lamm
Jun Member 2020

Wee Lamm

Posts: 1,272 Mithril Posts by user Forum Profile RuneMetrics Profile
Original message details are unavailable.
1 more thing, so if I have more than one account, because I play like 3 or 4 different accounts, am I able to use the same authenticator thing on my 3 or 4 other accounts or do I have to use 4 different phones? assuming you can't use the same phone more than once.

This tool provides a secure way for you to control which computers are able to add or remove trusted devices. It will work with all of your accounts using the single code, provided they are being accessed on the same computer, during the same browser/game client session.

Closing the browser/client is the same as logging into a different computer for this purpose.

23-Jun-2014 18:48:00

Quick find code: 380-381-62-65435576 Back to Top