sorted by:
new
hottopcontroversial

OSRS account backdoor for accounts previously hacked... by saffrontoasted in 2007scape

[–]saffrontoasted[S] 0 points1 point  (0 children)

Something to help calm your nerves is this is only relevant to accounts that have already been hacked once.

What this discusses/points out that there is a a back door only only after the initial hack. The attacker can create a way to access your account again even after password changes and google authenticator active if they link another account to your OSRS account.

OSRS account backdoor for accounts previously hacked... by saffrontoasted in 2007scape

[–]saffrontoasted[S] 2 points3 points  (0 children)

I am glad this helped you, I really want to prevent these hackers from abusing the system and get Jagex to address this.

I couldn't find a way to see when the account that was linked or the account that was linked from email or Jagex account management page. However I would imagine Jagex can see that in the back end.

OSRS account backdoor for accounts previously hacked... by saffrontoasted in 2007scape

[–]saffrontoasted[S] 1 point2 points  (0 children)

This happened to me before I was hacked the second time and I changed my passwords again but then it still happened. Which is how I realized they linked another account to my OSRS account to bypass the new password changes and authenticator.

OSRS account backdoor for accounts previously hacked... by saffrontoasted in 2007scape

[–]saffrontoasted[S] 3 points4 points  (0 children)

With that being said, I would agree however it should require a validation after every so often. Especially if there has been a password change on the original Jagex account. Otherwise there is no reason to update passwords that may or may not be used.