Secure Your Account

+11
Herbert
Spiritika
KingNightfury
TheHeavyJ
The_Gamed
Iwan
Mimikyutie
Chestnut
ladybird2
......
elemntsk8ter
15 posters

Page 1 of 2 1, 2  Next

Go down

Secure Your Account Empty Secure Your Account

Post by elemntsk8ter Mon May 27, 2019 6:00 pm

Wanted to bring this topic back to life after hearing of numerous recent occurrences. As a security professional, it pains me to see accounts being compromised, but unfortunately it is all too real for many of us. I am going to expand upon some of the tips that @Zvny started here:

1. Make a different email for your RuneScape account.
Runescape does not allow for extremely strong passwords, and I believe they are not case sensitive so "PASSWORD1230!" will be the same as "password123!" or "PaSsWoRd123!". Ensure that it is at the very least a long password and follow the below steps to keep your email account secure.

2. Put an Authenticator on your email account.
Using two-factor authentication requires something you know and something you have. You know your password, you have a phone or an application that provides a TOTP (Time-based One Time Password). I recommend using Authy for multifactor. It can be installed on computer, on a smartphone, or even in a Chrome Browser. I recommend the smart phone if you can choose between those three. Authy allows you to store and backup multiple accounts' two factor authentication codes wherever Google Authenticator is an option. You can also use it on multiple devices which is a plus over Google Authenticator.

3. Use a password that you've never used anywhere else.
Your email should have a strong password consisting of at least 8+ (I would say 16+) including lower case, upper case, symbols, and numbers. While this can be inconvenient to have such complex passwords, you can use something like Lastpass to store all passwords in a vault. Use a very strong password for this account and never share it with anyone. 

4. Authenticator on your RuneScape account itself.
See step 2 above about Authy. Apply the same mechanics on your OSRS account as you do for your email.Sign into your account on Runescape.com and go to Account in the upper right. Authenticator will be the first option.

5. Bank pin on your RuneScape account.
Add a bank pin.

6. Never provide your password.
Only input your password on an official Jagex website or client. (Using a third party client such as Runelite or OSBuddy is at your own risk, but considered "safe". Official links provided, as there are fake websites to install malware out there.)
Check the URL for a valid SSL certificate and a proper domain.
Good URL: https[:]//secure[.]runescape.com/m=weblogin[RestOfURL]
Bad URL: https[:]//secure[.]runescape.com.randomdomain.ro/m=weblogin[RestOfURL]

The certificate should be issued to the domain in which you are going. If it does not, or if it is invalid, do not enter credentials.
Secure Your Account Captur11
Secure Your Account Rs11

7. Perform regular system security hygiene.
Make sure your PC is updated regularly. I check for updates on my desktop daily. It is important to keep your systems current to prevent exploits of known vulnerabilities. I use Driver Booster to make sure all my drivers are up to date in addition to the Operating System updates provided by Windows. If you are a Mac or Linux user, while the attack surface is smaller for you, ensuring your system is up to date is an important step. There's no need to pay for the premium versions of this, and I haven't tested the other products they offer.
I also recommend two products for scanning for issues as well. CCleaner and Malwarebytes are both free tools that can be used to scan for registry issues and viruses / malware on your system.

If you ever think: this seems too good to be true, it probably is. If you're not sure, send me the link in a PM on these forums. I'll take a look at it and get back to you as soon as I can. If there are any questions about this.. fire away - I'll answer as best I can.

Happy Safe Scaping!


Last edited by elemntsk8ter on Fri Oct 30, 2020 10:43 am; edited 8 times in total
elemntsk8ter
elemntsk8ter

Secure Your Account YP5zkAJ

Posts : 344
Reputation : 21
Age : 32
Join date : 2017-12-05


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by ...... Mon May 27, 2019 6:10 pm

Great post ele
avatar
......

Posts : 52
Reputation : 2
Join date : 2019-03-23


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by ladybird2 Tue May 28, 2019 6:10 am

well done............if it saves just one person............or makes any others rethink their security............you have de mystified it for us, and are offering on going support, good job Smile
avatar
ladybird2

Secure Your Account NuD0cpJ

Posts : 2504
Reputation : 201
Join date : 2015-06-08

ladybird


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by Chestnut Tue May 28, 2019 12:06 pm

Thank you so much for the links. I am currently getting these things.
Chestnut
Chestnut

Posts : 20
Reputation : 1
Join date : 2019-02-04


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by Chestnut Tue May 28, 2019 12:07 pm

Also it seems that just recently a lot more accounts have been compromised is there anything Jagex themselves can do to battle it?
Chestnut
Chestnut

Posts : 20
Reputation : 1
Join date : 2019-02-04


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by elemntsk8ter Tue May 28, 2019 2:40 pm

Jagex needs to improve their password complexity allowance, however most compromised accounts come from end user mistakes, like supplying a password unknowingly or downloading malware unknowingly from a fake website.

No matter if a password is "password123!" or "JtTJSasdinad87234$oiad#!lvnUh".. If it is provided to an adversary, it's a useless form of security. A second form of authentication is the best way to prevent it; If the server doesn't recognize the system requesting access, it will prompt for a second form of authentication that hopefully only you have access to. Implementing that was a step in the right direction for Jagex.
elemntsk8ter
elemntsk8ter

Secure Your Account YP5zkAJ

Posts : 344
Reputation : 21
Age : 32
Join date : 2017-12-05


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by Mimikyutie Wed May 29, 2019 12:26 pm

Very well done! You detailed everything very succinctly!

_________________
Secure Your Account HL48dkQ
Mimikyutie
Mimikyutie

Secure Your Account M38wJkj

Posts : 136
Reputation : 28
Join date : 2019-02-17


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by Iwan Wed May 29, 2019 12:43 pm

good post element, every1 should do this and its almost impossible to get hacked. also be aware of fake links to the runescape website. mainly on twitch there are alot of fake streams that have a link to them. i also wanna point out that runescape passwords arnt case sensitive, so your best bet is to have a long password.
Iwan
Iwan

Secure Your Account U7euiv5

Posts : 425
Reputation : 3
Join date : 2017-09-15


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by The_Gamed Fri May 31, 2019 1:36 pm

Great post Ele, some good tips in there for all unaware or recently suffering from account tampering.
The_Gamed
The_Gamed

Secure Your Account 4068HaS

Posts : 536
Reputation : 36
Join date : 2018-10-30


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by TheHeavyJ Sat Jun 15, 2019 10:42 am

Thanks for putting this together. I do these things already, so yay. That being said, I am very pleased to have had a best-practices post to see if I had anything missing. Top notch!
avatar
TheHeavyJ

Posts : 43
Reputation : 0
Join date : 2016-07-10


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by KingNightfury Sat Jun 15, 2019 12:41 pm

how do u feel about windows defender?
avatar
KingNightfury

Secure Your Account YP5zkAJ

Posts : 453
Reputation : 19
Age : 29
Join date : 2017-05-05


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by elemntsk8ter Mon Jun 17, 2019 2:11 pm

@KingNightfury - Windows Defender isn't bad, but it's also not great. It would be best to leverage it in addition to another program. Hopefully what gets missed by one program will be picked up by another.

ClamAV or Malwarebytes (previously mentioned) are "best-in-breed" options to help augment WD.
elemntsk8ter
elemntsk8ter

Secure Your Account YP5zkAJ

Posts : 344
Reputation : 21
Age : 32
Join date : 2017-12-05


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by KingNightfury Mon Jun 17, 2019 2:18 pm

elemntsk8ter wrote:@KingNightfury - Windows Defender isn't bad, but it's also not great. It would be best to leverage it in addition to another program. Hopefully what gets missed by one program will be picked up by another.

ClamAV or Malwarebytes (previously mentioned) are "best-in-breed" options to help augment WD.
ok ty cause rn ive been going with just defender, ima put in Malwarebytes to give it a hand, ive used it before to clean one of my friends malware locked laptops.
avatar
KingNightfury

Secure Your Account YP5zkAJ

Posts : 453
Reputation : 19
Age : 29
Join date : 2017-05-05


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by elemntsk8ter Wed Oct 28, 2020 2:29 pm

bumping this to keep your account safe!
elemntsk8ter
elemntsk8ter

Secure Your Account YP5zkAJ

Posts : 344
Reputation : 21
Age : 32
Join date : 2017-12-05


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by Spiritika Wed Oct 28, 2020 6:52 pm

Great guide. Thank you for posting this.
Spiritika
Spiritika

Secure Your Account YP5zkAJ

Posts : 333
Reputation : 37
Join date : 2020-05-11


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by Herbert Thu Oct 29, 2020 8:23 am

thank you, i maked all steps from your security tips guide. many thank you
Herbert
Herbert

Secure Your Account OUwuWDK

Posts : 11
Reputation : 2
Join date : 2020-10-16


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by elemntsk8ter Tue Jan 05, 2021 8:50 am

bumping this due to discussion in game
elemntsk8ter
elemntsk8ter

Secure Your Account YP5zkAJ

Posts : 344
Reputation : 21
Age : 32
Join date : 2017-12-05


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by WeaknSilly Mon May 24, 2021 9:25 pm

yooo, those links were actually super helpful. Cheers.
WeaknSilly
WeaknSilly

Secure Your Account YP5zkAJ

Posts : 151
Reputation : 14
Age : 32
Join date : 2015-07-21


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by WeaknSilly Fri Jun 25, 2021 7:18 am

also idk how but that malwarebytes thing fixed my wifi on my laptop and my desktop <3
WeaknSilly
WeaknSilly

Secure Your Account YP5zkAJ

Posts : 151
Reputation : 14
Age : 32
Join date : 2015-07-21


Back to top Go down

Secure Your Account Empty Re: Secure Your Account

Post by Namagon Fri May 05, 2023 7:45 pm

good tips .. i always use cc cleaner nowadays and surprisingly enough windows security is pretty tight on 11 . we now use it over nortons and mcafee .. nortons has turned into one big scam it seems .. malwarebytes works well ..
anywho yea lots of security on rs lol , always use 2 step and as well use a 2 step on your mail if possilbe  . but from what i understand runelite has some exploits and has contributed to peoples accounts getting hacked i wonder how true that is , i did check it out but un sure if its worth it over all to use
Namagon
Namagon

Posts : 21
Reputation : 6
Age : 53
Join date : 2023-05-05


Back to top Go down

Page 1 of 2 1, 2  Next

Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum