News

RSGOLE Trader - Jagex uses a LOT of aegis features

RS3/OSRS passwords aren't case sensitive? So endure night I accidentally logged in with RuneScape gold caps lock angry on and to my abruptness it logged me in. I approved just capitalizing accidental characters in my countersign and it still worked.


Does anyone apperceive if there is a acumen for the countersign to not be case sensitive, because it seems a bit afraid to me.


Because there's a absolute to bulk of login attempts allowed, case acuteness isn't in fact necessary. And because you can't ctrl-v your countersign and acquire to blazon it out in full, case acuteness would advance to added countersign errors.


The actuality is your annual will never get afraid by animal force effort, you'll be afraid by a virus or RAT or phish or aperture your countersign to THEM in some way.


I acquire what you're saying, but I don't see how abbreviation aegis is adequate in any case. If I mistype my countersign abundant to lock my annual because I can't blazon the cases accurately afresh that's my accountability for accepting too circuitous of a password.


It'd technically be added secure, yes, but in the admirable arrangement of things, it adds absolute little added security. As Kakamile said, a lot of annual hijacks are not from bruit banishment passwords, which is why humans about use case sensitivity, but rather through phishing, malware or alike.


It could potentially be difficult to apparatus for Jagex, depending on how the accepted arrangement is structured, and with it abacus about no added security, it's not in actuality abominable prioritized, compared to added able annual aegis measures, like 2FA, annex detection, etc.


Jagex uses a LOT of aegis appearance - login limits, minimum countersign standards, nonpasted passwords, auth, pin, coffer auth, anti-keylog pin security, accretion q's...


Something that acutely increases the bulk of annual appeals like JAG or case acuteness is added accident than security, because it becomes so accepted for both hackers and approved players to ask for resets that hackers can blooper through the cracks.


Bank authenticator is not a aegis feature. I haven't in fact activated this but I've asked how it works and allegedly it is angry to your log in authenticator, appropriately if anyone manages to admission your annual by allowance the authenticator they acquire admission to your coffer too. One could altercate that it's absurd to canyon authenticator but what's the point of coffer PIN or coffer authenticator anyway, then.


I aswell don't anticipate that accretion questions still exists, and they were just a agnate botheration as JAG was. JAG appropriate you to acknowledgment a agnate catechism as accretion questions. That was the acumen why the scrapped it. Humans forgot their answers, and to my knowledge, that's why accretion questions were scrapped too.

Jan-18-2018