Original Post

Hello everyone. Sadly I was r------ded enough to not take care of my account security and ended up getting hacked. Seems like they just chugged most of my sh*t to GE and traded it away. I suspect it was because of a sh*tty password. Here are the things I have done so far:

Fresh installation of Windows (was planning to do this for a while now...), changed to a stronger password, activated 2FA on my RS account + email, finally activated bank PIN.

So the question is pretty much if there's anything else to make it more secure?

almost 5 years ago - /u/JagexConsuela

I see this coming up a lot, so here's my general advice as a web developer:

  • Use a password manager that creates a different password for all your credentials (LastPass, KeePass, etc)
  • Make sure your password manager, your email, and your RuneScape account all have 2FA activated
  • Be careful with social engineering (the act of finding information about you to use in the recovery questions)

These 3 steps make it so that in the vast majority of cases, your account is secure. Once step (1) and (2) are done, you only need to be careful with step (3). If your security question was "What's the name of my first pet?", and then you go on social media and say "My first pet ever, Peepoo, is so cute", you are opening yourself up to being hacked. Choose security questions that are personal and memorable, don't share their answers, and you should be just fine.

  • Specifically in RuneScape, add a bank pin too

almost 5 years ago - /u/JagexConsuela

Originally posted by Enza-Denintendo

Thanks for the tips,

would you recommend LastPass or KeePass, or is there no real difference between them? I was about to add it as an extension to my Chrome browser, but I'm skeptical about giving all my information to this extension. From my understanding, it stores all your passwords and encrypts them so that if your computer is ratted, your saved passwords are at least safe from hackers?

But what about the developer of this extension? Or am I being too silly here. Which one do you use?

I don't know enough about KeePass, but LastPass seems to be safe. Of course, you're always trusting the developers of LastPass to not be shady, right? But that happens with everything. You trust your bank to not be shady, your email, Facebook etc. There is a line that you can't go any further than.

So for now I'd vouch for LastPass. Its last breach was, AFAIK, in 2015, and you were safe since (quote) "your passwords are salted, hashed and stretched, and only ever stored in that scrambled, irreversible form".

I use LastPass, have been using it for years, and didn't have any problems with it ever. And it's nice to not feel the "fear" of a hack!
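
What "salted, hashed and stretched" in the quote above means in practice, as an added example that is not part of the original thread and is not LastPass's code. It assumes PBKDF2-HMAC-SHA256 as the stretching function; the iteration count, function names and sample password are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

ITERATIONS = 200_000  # assumed work factor for this example, not a vendor setting


def unsalted_sha256(password: str) -> str:
    """Weak baseline: one fast hash, no salt. Equal passwords give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> Tuple[bytes, int, bytes]:
    """Salted + stretched: returns the (salt, iterations, digest) record to store."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per stored password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest


def verify_password(password: str, salt: bytes, iterations: int,
                    expected: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password

    # Two accounts reusing one password: the unsalted hashes are identical,
    # so a leaked table reveals the reuse and one guess covers both accounts.
    print("unsalted equal:", unsalted_sha256(pw) == unsalted_sha256(pw))

    # With per-record salts the stored digests differ, and every guess
    # costs ITERATIONS HMAC rounds per record instead of a single hash.
    rec_a = hash_password(pw)
    rec_b = hash_password(pw)
    print("salted equal:  ", rec_a[2] == rec_b[2])
    print("verify correct:", verify_password(pw, *rec_a))
    print("verify wrong:  ", verify_password(pw + "!", *rec_a))
```
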