Forums

Acc Recover Process Vulnerable

Quick find code: 408-409-4-66224616

Venopos
Apr Member 2021

Venopos

Posts: 17Bronze Posts by user Forum Profile RuneMetrics Profile
Hello There!

Although my today's concern was a data provided by Hans in Lumbridge.
I was told to not to share my gameplay achievement just for sake of account security.

This gave me really alarmed over my account security, as this data sounds like a little and should not work as a common key for my account.

So I've attempted an account recovery on one of my accounts.

The questions provided there were so easy to guess, or wide available.


Payment method is not a secure information.
In many countries it can be credit card, xsolla, or some gamecode.

Payment date it's easy to guess as we have ongoing promotion which likely convinced many to spent some money.

Account creation data is broadcasted to everyone every five years. This can be also checked on stats pages, to see where exactly the activities started.

We often know people's nationality by their nicknames / or just by meeting them ingame.
ISP can be guessed, by providing most common ISP's in this country.
Same for country account creation.

In my opinion this is huge flaw, and by terms of communities, it allows other players to get access to their friends account by just giving easy answer.

I have NO trust to this way of account recovery.
Is there any way I can permanently disable any attempt of recovering my account this way?
And is there any way I can provide my private mailbox protected by law, or my mobile phone number also protected by law, so I can get a phone call / mail that I am willing to pay for if neccesary?

07-Aug-2021 11:51:32

2_Tron

2_Tron

Posts: 21,004Opal Posts by user Forum Profile RuneMetrics Profile
Hey Ik Ben Dronk, data provided by Hans in Lumbridge isn't the exact date of account creation and Jagex/JMods are very well aware that a hijacker could also obtain this information therefore it isn't the most important piece of information Jagex/JMods do require to pass an account recovery.
Rest assured there are more important pieces of information like older passwords (multiple)
and other recovery information asked by Jagex/JMods when doing such recovery.
The more times an account gets hijacked/lost the more information you need to add, more than previous recoveries, but at a certain moment it can become an extremely difficult task to proceed with recovery.

'
This is also one of the reasons players should check their account/computer security multiple times a year to see if everything is in check.
'
Write information on a piece of paper as a means of last resort in case if you truly need it.

Putting everything in a vault, as you suggest in your post, may bring you into problems sooner than later if something does go wrong.

07-Aug-2021 12:28:19

Ladyolake
Jan Member 2008

Ladyolake

Posts: 6,666Rune Posts by user Forum Profile RuneMetrics Profile
Also the date they get that cape is broadcast.

My son drops his when he runs out of bank space and goes gets another when he
wants it... its broadcast each time he gets it. Which is not anywhere close to the
5 year mark .
The richest person is not who has the most. It is who Needs the least.

08-Aug-2021 00:37:24

Quick find code: 408-409-4-66224616Back to Top