Old School Runescape Dev Tracker

You are right, but this blog is about account security. Live support is a massive undertaking and a complex process if we are to ensure people are not held waiting in long queues, and we need to consider what type of support can be offered through a live chat system where user verification is challenging. One approach is to look at answer bots that can guide people to help in a 'live' experience, but still offer a traditional contact route to a human support channel if needed. We haven't scoped this yet but it's certainly something we have in mind when considering all support options we might introduce in the future.

Yes, that would be one element of allowing complex passwords to be set

Thanks for your comment, I recall from the days of JAG that it was actually quite problematic, people forget their answers, typo the answers, use spam answers (jelly1, jelly2 etc.) or set answers that can be easily guessed or obtained through social engineering. At the same time, I also hear people (like yourself) saying it worked well ... as mentioned in the blog we are looking at account security overall so it's good to have that context and feedback and we will explore all options.

Top tier content! Who'd make up the elite 4?

Unfortunately, tweeting a Jmod won't enable us to verify who you are, and verify that the info you provide is enough to prove you are the owner of the account - you can get info and advice here: https://support.runescape.com/hc/en-gb/articles/206666629-Denied-password-resets

Nope, to recover an account we need to verify you are the owner and we just can't do that over Twitter - when your requests are denied does that happen quite quickly or does it take a while to hear back from us? If you are being denied quickly it means that very little (or none) of the base information you are submitting matches up, if it takes longer it's actually quite good news, it just means you need to improve the info a bit - and we usually let you know the specific areas to improve to strengthen the next request

That's a great point, I'll see if we can build that into our advice/comms. Edit: We've updated the Bank PIN Support Article to include this specif tip, thanks again :)

Hey Boulder, any system requiring players to send in verification documents is unlikely. For data-handling reasons including data protection (e.g. GDPR compliance), we're leaning away from this sort of thing.

We're not storing in plain text. We can't share the details, but all the required security procedures are in place.

Thank you. It is a first step of many steps and we will be keeping you guys and girls informed every step of the way.

The newest masterpiece.

Let us know which questions you'd like answered on Wednesday's Q&A livestream at 5pm BST!

Questions that provoke discussion are valued over Yes/No questions.

twitch.tv/OldSchoolRS

Thanks!

It turned out to be a phishing lure via Discord, we found no issues with the trade system. Edit: Offenders were permanently banned.

Congratulations on your wedding, OP, and it's amazing to see what kinds of lifelong friendships can spawn from something as simple as chatting to someone in Clan Chat.

All the best in the future!

I see you.