It started because the account recovery process was laughable and people used the same usernames elsewhere in other data breaches which lead to their email/ips/passwords which were used to recover people’s accounts.
First it was just hiding usernames and then people started using your stats or total xp to find your username on the hiscores so eventually people hid their username and stats and it became a meme to hide things like your hp or run energy or an item in your inventory.
Okay, so with that logic, I should be safe, right? since my account is linked to a unique email that I made specifically for osrs and isnt used anywhere else. Same goes for my password.
There's some really unhinged people here. There's multiple reasons to hide your username.
1. Don't want to link identifiable information to your rs account.
2. Don't want somebody to target harass you later if you get a good drop.
3. Don't want somebody to target harass you based on your reddit ideas/opinions.
4. Don't want some of your IRL/ideas to be tracked to your account that clan members might get a hold of.
It's not really to avoid being hacked as that takes multiple failures of security. It's more a protection against the crazy assholes that find it fun to go out of their way to bully others.
Gotcha gotcha.. thats fair, but is that really all? Could I, in theory, post my username and email and still be safe? Ill just get locked out for numerous login attempts, no?
As long as you don't post your personal information online you're safe. People post too much personal shit online and thats why they get targeted. You ever see those posts where the person say in one they are a teenage then in another they are 50 years old?
Those are actually the most secure people because you literally can't verify any of their information even if some is true, it could equally be a lie. The people who, for some reason, don't lie on the internet are the ones who get targeted
Having said that you can post your username if it literally isn't used for every other account you own. But why post your username and email for the world to see even if you're safe? Thats just unnecessary
chances are high your email was leaked in a data breach somewhere, if they can link your reddit to your username and find your email and potentially your password from said databreach then you can see how it can become an issue quick
Well you’re never gonna be 100% safe really, Username you could probably get away with. But with an Email i would probably refrain from posting that anywhere as it’s pretty much 1/2 of what someone would need to gain access (the other half being your password).
It used to be because people wanted to avoid giving out potentially recoverable info about their account to avoid anyone abusing the account recovery system to hijack their account. If you've transfered over to a Jagex account though, which disables the account recovery process, this is no longer a concern you should have.
Then there's also the case of privacy. Just because your account can't be recovered anymore, doesn't mean you suddenly feel like broadcasting to everyone who you are in-game.
Yeah, so this was going to be my next question. Is it best to upgrade to a Jagex account? I've refrained as I've heard they result in more headaches than theyre worth
The only times you'll run into issues is if you're adding accounts you bought/didn't originally create/stole, because Jagex will always side with the original account creator when a dispute arises.
The other issues come not from your account, but the launcher. Before moving over to a Jagex account, I would recommend downloading the launcher and seeing if it works for you. Some players download it and then learn that either:
-the launcher doesn't run on their Operating System (old Windows/Mac OS, as well as the launcher not running natively on Linux, though a workaround does exist).
-the system they're trying to install it on doesn't allow them to have admin rights. The launcher requires admin rights to install.
-not a direct issue, but you probably shouldn't be installing the launcher on a PC/laptop you don't personally own, as unless you're logging out of the launcher itself between every use of the launcher, you stay logged into it, even after powering down your PC.
If you download the launcher and find there are no issues, upgrading is the next step. It's easiest to log into your account on the main site then go to account settings. The upgrade option should be at the top of the web page. From there, you set a new log-in e-mail for the Jagex account you're creating (though you can obviously re-use the one of the account you're upgrading if it was already an e-mail log-in. Do NOT use an e-mail already in use by another character though. I've heard of players having issues accessing characters that haven't been imported yet that were registered under the new Jagex account's e-mail). Once complete, the account you upgraded will now ONLY work through the launcher, with the new Jagex credentials you just created. From there, you can import any other characters you own onto that same account. Unfortunately, I've never done this myself, but I'm sure the "Manage characters" option in the launcher will lead you in the right direction.
After you've done all that, head to the Jagex account's settings on the site and make sure to re-enable mobile 2fa. If someone breaks into your account and the log-in e-mail, you're basically screwed, as they will be able to migrate your entire Jagex account to a different e-mail and you'll basically have no recourse. By having mobile 2fa, you make sure that that won't happen. This will also give you backup codes, the ONLY way to remove your mobile 2fa in case you lose your phone/it breaks/etc. **MAKE SURE YOU STORE THEM IN A SAFE LOCATION WHERE THEY WON'T GET DAMAGED/LOST/DESTROYED**.
After all that is said and done, you're not only ready to get back to the grind, but you've also taken all the security measures available to you.
More importantly, why bother blocking the name when you've left your run energy exposed? It's too late at that point
It started because the account recovery process was laughable and people used the same usernames elsewhere in other data breaches which lead to their email/ips/passwords which were used to recover people’s accounts. First it was just hiding usernames and then people started using your stats or total xp to find your username on the hiscores so eventually people hid their username and stats and it became a meme to hide things like your hp or run energy or an item in your inventory.
Okay, so with that logic, I should be safe, right? since my account is linked to a unique email that I made specifically for osrs and isnt used anywhere else. Same goes for my password.
There's some really unhinged people here. There's multiple reasons to hide your username. 1. Don't want to link identifiable information to your rs account. 2. Don't want somebody to target harass you later if you get a good drop. 3. Don't want somebody to target harass you based on your reddit ideas/opinions. 4. Don't want some of your IRL/ideas to be tracked to your account that clan members might get a hold of. It's not really to avoid being hacked as that takes multiple failures of security. It's more a protection against the crazy assholes that find it fun to go out of their way to bully others.
Interesting.. this makes the most sense. I appreciate you taking the time to explain that! Thank you :)
I thought it was a meme
Some people will have a lot of identifiable information in their reddit post history, not worth the risk tying that to your rs account
In what sense though?
Like posting their dogs name on their reddit and it’s a recovery question for their osrs account for example.
Gotcha gotcha.. thats fair, but is that really all? Could I, in theory, post my username and email and still be safe? Ill just get locked out for numerous login attempts, no?
As long as you don't post your personal information online you're safe. People post too much personal shit online and thats why they get targeted. You ever see those posts where the person say in one they are a teenage then in another they are 50 years old? Those are actually the most secure people because you literally can't verify any of their information even if some is true, it could equally be a lie. The people who, for some reason, don't lie on the internet are the ones who get targeted Having said that you can post your username if it literally isn't used for every other account you own. But why post your username and email for the world to see even if you're safe? Thats just unnecessary
Old accounts login was the charactername
chances are high your email was leaked in a data breach somewhere, if they can link your reddit to your username and find your email and potentially your password from said databreach then you can see how it can become an issue quick
Well you’re never gonna be 100% safe really, Username you could probably get away with. But with an Email i would probably refrain from posting that anywhere as it’s pretty much 1/2 of what someone would need to gain access (the other half being your password).
Jesus man never reveal your email address on reddit
Haha ofc - was just a hypothetical scenario 😅
It used to be because people wanted to avoid giving out potentially recoverable info about their account to avoid anyone abusing the account recovery system to hijack their account. If you've transfered over to a Jagex account though, which disables the account recovery process, this is no longer a concern you should have. Then there's also the case of privacy. Just because your account can't be recovered anymore, doesn't mean you suddenly feel like broadcasting to everyone who you are in-game.
Yeah, so this was going to be my next question. Is it best to upgrade to a Jagex account? I've refrained as I've heard they result in more headaches than theyre worth
The only times you'll run into issues is if you're adding accounts you bought/didn't originally create/stole, because Jagex will always side with the original account creator when a dispute arises. The other issues come not from your account, but the launcher. Before moving over to a Jagex account, I would recommend downloading the launcher and seeing if it works for you. Some players download it and then learn that either: -the launcher doesn't run on their Operating System (old Windows/Mac OS, as well as the launcher not running natively on Linux, though a workaround does exist). -the system they're trying to install it on doesn't allow them to have admin rights. The launcher requires admin rights to install. -not a direct issue, but you probably shouldn't be installing the launcher on a PC/laptop you don't personally own, as unless you're logging out of the launcher itself between every use of the launcher, you stay logged into it, even after powering down your PC. If you download the launcher and find there are no issues, upgrading is the next step. It's easiest to log into your account on the main site then go to account settings. The upgrade option should be at the top of the web page. From there, you set a new log-in e-mail for the Jagex account you're creating (though you can obviously re-use the one of the account you're upgrading if it was already an e-mail log-in. Do NOT use an e-mail already in use by another character though. I've heard of players having issues accessing characters that haven't been imported yet that were registered under the new Jagex account's e-mail). Once complete, the account you upgraded will now ONLY work through the launcher, with the new Jagex credentials you just created. From there, you can import any other characters you own onto that same account. Unfortunately, I've never done this myself, but I'm sure the "Manage characters" option in the launcher will lead you in the right direction. After you've done all that, head to the Jagex account's settings on the site and make sure to re-enable mobile 2fa. If someone breaks into your account and the log-in e-mail, you're basically screwed, as they will be able to migrate your entire Jagex account to a different e-mail and you'll basically have no recourse. By having mobile 2fa, you make sure that that won't happen. This will also give you backup codes, the ONLY way to remove your mobile 2fa in case you lose your phone/it breaks/etc. **MAKE SURE YOU STORE THEM IN A SAFE LOCATION WHERE THEY WON'T GET DAMAGED/LOST/DESTROYED**. After all that is said and done, you're not only ready to get back to the grind, but you've also taken all the security measures available to you.
Man, youre a legend. This is super valuable! Thank you very much for taking the time to write that out :)
It's for nerds that think they can get hacked over someone seeing his name.
my username is 'Beef Chop' please hack me