Thread: Important information regarding account security

Thanks for the information, sadly I'm not able to recover my old account, due to forgotten email.. :/

Originally Posted by zenomh

Thanks for the information, sadly I'm not able to recover my old account, due to forgotten email.. :/

Have you tried? https://www.rune-server.ee/site/acco...uncements.html

I think a small step like https://www.rune-server.ee/site/foru...rname-tag.html would be helpful, as a lot of people are turning to discord to communicate their scam.

Originally Posted by S Quare Quxx

Hello,

A recent increase of account hijacking has come to our attention mainly in the form of impersonation to scam other members so this is a good time to list some good practices on how to keep your account safe and how to reduce the chances of getting fooled by an impersonator.

Account security
The following list should be especially followed by frequent market users, middlemen and other "high profile" members who may be referred to by others or easily deemed "trusted" from their appearance or reputation.

• Never reuse passwords and make sure they're strong (16-21+ characters long with lower/upper case characters, numbers and special characters)
  
  • This is especially important with RSPS's and their forums/sites as they don't necessarily follow proper security practices to ensure the safety of your information
  • Use a password manager such as KeePass or LastPass to generate strong passwords and store them
• Enable 2-factor authentication
  
  • Announcement: Two-Factor Authentication + Other Updates
  • I recommend using Authy instead of Google Authenticator as Authy can sync the codes across devices and is easier to backup
• Use a separate e-mail account with two-factor authentication enabled

Market users are recommended to list their contact and instant messaging information on their profile or in their signature once the account is secured. This reduces the chances of someone impersonating you off-forums.

Spotting impersonators
You should always spend a moment before exchanges to make sure you are talking to the right person.

• Have them send you a private message on the forums if the deal starts on an instant messaging platform
  
  • This makes your deal eligible to be handled if you end up getting scammed as we don't deal with reports that haven't started on the forums
• Check their username and previous usernames
  
  • Check I's from L's, zeros from O's and other possible deceptions
  • Rank and recent activity (posts, threads)
• Match the instant messaging information of the account you are talking with with the listed contact information on the person's forum account
  
  • Again pay attention to I's and L's, zeros from O's and other deceptions

In case you spot a hijacked account or an impersonator on the forums, post a general report with a filled format (found in the announcement) and notify a staff member.

If you ever feel unsure about a situation or someone you are dealing with, you can ask a staff member for assistance with verifying. An alternative is to use a middleman but even with them you should go through the above list as they are also just regular members.

Happy new year and a safe 2018,
Rune-Server Staff

Just Lock the inactive account like a simple system Verification mail to log
Shouldn't be difficult to do in sq , like move all accounts "last login equals blaba" and move it into "validating" usergroup

"Hacker" may be able to find the password , for the rs account since it's inactive but not the email.

Originally Posted by Noele

I think a small step like https://www.rune-server.ee/site/foru...rname-tag.html would be helpful, as a lot of people are turning to discord to communicate their scam.

Done

Have you guys ever thought about adding the Security code like Runemate has? Would help save alot of accounts and time on you're guys end

Originally Posted by Mikey21

Have you guys ever thought about adding the Security code like Runemate has? Would help save alot of accounts and time on you're guys end

Whats that?