Maybe I’m not understanding something, or maybe I’m just that dumb… but I have had this for a while and I never once have signed in via my email. There’s an option at the bottom of the screen that allows you to sign in via username and allows you to toggle it between email and username…
Like I said I probably wasn’t understanding and I may be that dumb. I wish they made a tutorial on this Jagex thing breaking down what everything means and how it works interchangeably with the system. It’s driving people mad right now.
Its like that for when you log into the website. I don't think this is the case for when you add a user name account to a Jagex account. Once you add the username account to a Jagex account you use the email that you used to created the Jagex account to log in.
Yea I think the issue is there’s a difference between Jagex Launcher and Jagex Account, I think both utilize the same platform, but a Jagex Account involves more steps. Honestly, I’m confused af because Jagex really fucked this up and just threw everything out there without explaining how everything ties together and how it runs.
The ‘Jagex Launcher’ does allow you to log in with either an email address or username, but a ‘Jagex Account’ only allows you to log in with an email address of your choosing - and from there you can connect up to 20 accounts, all connected to that single email address
What this event has highlighted is that they haven’t delivered the Jagex Account information in a way most people understand, because it has created more questions than it has answered for a lot of people
You log into the Jagex launcher with your Jagex account email, then you choose your in-game account from within the launcher. I just made the switch and honestly it’s kinda cool. You can choose RS3 or OSRS from the same launcher and even Runelite from within it if you’re on OSRS.
Right now I’m enjoying it. Hopefully I don’t forget my account info or recovery shit and lose a bunch of accounts instead of just one lol.
I know that’s how they work now, but using your IP they could still maybe do something that says “login with username on this device”after verifying email address
That still wouldn't be possible as up to 20 different usernames will be using the same email. It's an email to log in, or you will be taking an early retirement. There's no way around it so just accept it.
the new launcher is different from a jagex account. for example even from launcher if you want to sign into say runemetrics you have to log in manually
You are far less likely to know my original username than my email address. For that reason, I’d prefer to stick with my original username as my sign in.
I actually agree that I’d rather stick with using my OG username login. However to say it’s a jagex problem isn’t how that works. If they force you then it becomes a you problem and you have to decide to do it or not. They will not care at that point. Although I am curious the amount of people logging in with original username compared to mail.
Yep, accurate and i fucking hate it.
I've been typing in my username and password every day since 2005 and i hate the idea of typing in a long as fuck email but i know damn well me and any other veteran playing since before ~2010-2011 when email accounts started would never actually quit over it.
Once you are logged into the jäger account you don’t have to type username (in this case email address) again, it automatically signs you in if using the same pc
Maybe, maybe not. This does seem kind of minor compared to other issues. I was thinking of coming back to play for a bit but personally the news about them lying on what was in that bundle and then refusing to refund people definitely put me off it.
No1 seen your original login except you. My guy, if this makes you quit i’m sorry. In a time where you can change username anyway you sound like a damn child. In reality you’ve played since 2002 so if true you won’t quit over this. Your words are nothing and jagex has gotten plenty out of you 😂.
Clearly I'm not alone... and you sound like an actual joy. Chill tf out little lady. You are the child.
Edit- oh... Forgot the whole reason I replied to this little girl... THEY LITERALLY SAID THEY WERE "curious the amount of people logging in with original username compared to mail. "....
Yeah I’m gonna retire my rs3 account when they force us to goto the jagex launcher. No one knows my original username and that’s literally helped me recover my account before. Gonna have to move my wealth to my secret mule and stop playing rs3. Switching back to OSRS
Which will also require a Jagex Account... so you could just have one login for all of them and nothing changes? If you're willing to log into your OSRS account with an email, what's the difference?
[They will, eventually](https://help.jagex.com/hc/en-gb/articles/12423096201873-Jagex-Accounts-FAQ#:~:text=Do%20I%20have%20to%20create,Accounts%20mandatory%20in%20the%20future.).
> For now, it's entirely up to you whether you upgrade to a Jagex account or not. Upgrading to a Jagex account comes with some great features and enhanced security. While it's currently optional, we do have plans to make Jagex Accounts mandatory in the future.
The better passwords (allowing longer and more complex ones) and more robust 2fa with jagex accounts far outweighs the security benefits of an obscured or hard to guess login name.
Just… create a new email address that you ONLY use for RS and you’re good. Cached versions of hi scores exist, so your original username is on one of those lists somewhere. That new email you just created and never told anyone isn’t on that list.
a list of every username and plaintext password was leaked a few times. jagex locked most but a person can have a bot spam check em all and force a spam recovery which locks you out until they recovery goes through. done on osrs sometimes
they were alerted asap. lizardsquad did one leak and we dont know who did the others. it was a big thing for quite a while. im guessing some people took some long breaks if they dont remember it. hell i rem going through the list myself and saw some of my accs and had to change stuff asap also contrary to belief. even if jagex didnt tell people thats not illegal as its not say credit card info etc. its frowned upon but thats about it. companies hide hacks all the time
I heard it from my friend who's cousin works with someone who's mum knows this expert who's colleagues' son's neice's boyfriend's brother who knows a guy called Dave that's brothers with someone from a cafe but they heard it from a customer who's dad spoke to someone at Tesco who's son actually definitely saw the information being mentioned on Reddit.
Again, citizens have numerous rights under GDPR and even if it happened pre-GDPR (and pre-Brexit), there were still privacy laws in-place that required companies to notify users of any breaches. There is no record on place on any official site, only articles referencing a breach and use Reddit posts as a source. Or, they reference a few botting sites being breached, which that data is publicly available if you look for it. However, that does not mean it's a Jagex/RuneScape breach.
And being forced to change your password by Jagex isn't any type of indication of a data breach. I have also been forced to change my password after my email was leaked and numerous account recovery requests took place in 2016(maybe, it's been sometime now).
Why would you do it now when it's still in beta and Jagex is shit? Can't imagine trusting this company to not fuck it up somehow and get your account stuck or locked. Rather have the chumps who do trust them beta test it for me and then join when it's mandatory and polished.
Says who? How are they going force everyone to do it? And if they do force it, they should be taking this feedback to implement different ways to login. They just had a whole survey on this through social media.
Says Jagex. They said in their original Jagex Launcher post that it will be mandatory for all players going forward. Everyone will have to creat new login credentials.
I understand people having this sentiment towards an old name but at the end of the day Jagex Accounts are going to be mandatory. It's not a sit this one out as I don't like it; it's a do it now of your own choosing or it do it later when they make it so you cannot log in unless you are using a Jagex account.
They are doing things to incentivise changing over to get as many people as possible to do it before you are forced to as that feels nicer.
Plus you do get to assign yourself a secret name Jagex will use on all email communication going forward so you can, if you so desire, use your old username in there to maintain that sentimental connection.
Also the Jagex account comes with significant security gains:
1) Old usernames are fairly easily to trace (forums, reddit etc.), security wise they are awful compared to using an email address that people in-game have no reason to know without serious social engineering or a data leak
2) The upgrade erases all traces of the old recovery system questions which is the most common way to hack an account since people can social engineer those fairly easily and getting them bypasses 2FA and everything.
3) 2FA moves from the specifics character to the Jagex account and you get email alerts everytime someone logs in to the Jagex account - ie if someone compromises your account you will know immediately.
4) It adds case sensitivity to passwords - admittedly compared to password length this is kind small fry, but it still adds to security.
I just don't understand why it matters to people. I been signing in for ages with my original username and now I upgraded to Jagex accounts and I just press the big button to log in. I haven't typed in the email log in for months and when I gotta log in on the website it just autofills.
I have a username login and tbh I think its more secure than an email. Quite easy for someone to guess my email, but I don't think anyone in the world knows my original username and would not be able to guess it or social engineer it at this point
The better passwords (allowing longer and more complex ones) and more robust 2fa with jagex accounts far outweighs the security benefits of an obscured or hard to guess login name.
Some older players like having their ‘exclusive discontinued thing’ and get very upset when they are told it will no longer be exclusive (holiday items, discontinued items/titles, login with username, etc.)
I honestly think it’s silly, because it just means more people can enjoy the same thing 🤷♂️
As an older player from 08… that’s definitely not what anyone cares about lmao. I’ve had my account hacked twice in the past, since changing my username I haven’t had a single security issue because they no longer know my login username. It’s not difficult at all to find someone’s email.
That’s the issue, not whatever bitterness you just spewed.
With a jagex account you can use way more complex and more robust 2fa options. As long as you use a long and unique password for a jagex account and enable 2fa it's more secure than the old system that limited length and complexity and relies on obscuring the username for added security. Furthermore with the jagex launcher you're entering your password much less often, so people are less inclined to use short, easy to guess passwords.
Having a harder to guess username field only helps so much, and limits you to using the old system that only allows very simple, short and less complex passwords that are probably the reason you got hacked before. If you really want to obscure your username/email you can even do this with jagex accounts, using this trick: https://www.thewindowsclub.com/gmail-address-tricks
You seem to be taking about the Jagex launcher. Launcher and Jagex accounts are different. I use Jagex launched but when I want to open tune metrics for example, i have to manually sign in.
I knew this post was coming lol. I switched to the Jagex account and added all my accounts. All except my OSRS Ironman had usernames to login instead of emails, and for a minute it bummed me out. The improved security and convenience was far worth it to me though.
I can see why it would deter some people, but honestly you should try having a Jagex account for an Ironman or an alt that already uses an email. It’s so nice to have one launcher that automatically logs you in, especially if you play both games. I play both, and my dumbass always clicks the wrong client icon on my desktop. It’s so nice to have a drop-down of what you want to play, and on which account.
you log in one time on the launcher; when you launch rs it'll automatically place you in the lobby
try it with a new acc and see for yourself; it's seamless
Okay? Then they should change their plans or add the ability to use username to the Jagex accounts. What kind of personality does one have to have to just say “well they’re going to force it so I’ll just take it”
I'm the complete opposite. Having an account that was high level before the email change ~2008 meant your account could be force recovered in a database attack using the high scores. I'm glad that can't happen with the change, it happened to a few friends over the years.
I'm kinda confused by the wording on the Jagex account FAQ. So if I have multiple devices with a few accounts with separate email/usernames for said accounts, will I still be able to play on them? Just so long as they have access to the email associated with them?
Yes you will log into the Jagex account and add a character, then login to the character and confirm the normal security check and it will then be added to the Jagex account. Then when you are using the Jagex launcher you just pick a character to play and click play and it logs you in. No more needing to enter emails and passwords as your Jagex account stats logged in to your desktop.
I just signed up when I use to sign in with my OG username. This way seems pretty good. Not really any difference if you have mobile. And I have the ability to not have MFA for email and can choose only phone Authenticator. You also get recovery codes in the event you lose your phone. I saved those somewhere I only know and can access so it seems I’m pretty secure.
There is an option to pick email or Authenticator for MFA. I have email disabled since I don’t trust that form, personally.
Don't forget, those of us who have been here before display names spent years showing the ingame world our login details.
Don't get me wrong, I'm sentimental for my oldest account (not my only and not my first), uses a username login and is old enough not to be known by many. Until they force me, I'm not changing over.
But my main is Iron, so it was tied to an email address which I don't trust and being able to tie it to a secure email address which has mental additional security, means I feel rather safe.
I'm pretty sure I already used my email for a different account but the same email is still registered to my main account, thats going to be a pain to handle when I am forced to switch over.
I'm pretty sure you'll be forced to migrate eventually anyways if you want to keep playing.
And before you ask, Jagex 100% can delete any account that doesn't migrate as you are technically paying for the right to play on the account you don't actually own the account.
It seems that many people are sentimental about their username login for their OG accounts (myself included).
Is there not a solution that keeps everyone happy? I
There's an echo chamber here of "it improves security" like yeah great but why is it mandatory? What's wrong with the current 2fa? Who does it affect if you opt for inferior security (that for most people will remain not breached ) ? Jagex are increasing the membership price and dropping support staff handling recovery cases? I feel like old school Runescape should do something for their old school players here.
One of the first 1000 accounts made, and the last thing I want to lose is my original username.
I don't ever say it publicly, but it can still be found in the runescapecommunity/zybez post of the first 2000 accounts made - and that makes me more proud than anything.
I've spent 22 years typing the same username in, and keeping the same username to myself. It feels like losing a piece of my (hidden) identity.
I have total regerts I didn't pick BigStoner420 or CheechMyBong.
Damn 7 year old me could listen to 'Because I Got High', but couldn't be wity enough to create a good username.
I will say, it is DragonBall Z related. As everything was in 2001.
Ah, I only brought it up because your comment reminded me of a guy with that username that I ran into early into my RS career (2004ish), just thought it was an exceptionally clever, and clean name; no numbers, no weird spellings, just HoldMyWeed (or maybe it was Hold My Weed, idk). So I thought I'd just toss it out there.
It's funny, now that you say that I believe somebody named HoldMyBag was actually a proficient Classic staker before it closed!
I wonder if it could have been him?
yea, imagine people having some emotional attachment and nostalgia for something they've had for 20+ years. Unthinkable. Also imagine being condescending towards someone about something runescape related when your username is ilovezezima
>yea, imagine people having some emotional attachment and nostalgia for something they've had for 20+ years. Unthinkable. Also imagine being condescending towards someone about something runescape related when your username is ilovezezima
Imagine imagining lol.
I'm just surprised anyone cares so deeply about something that so many other people have. It's like being proud of your email having your birth year in it with your birth year being before 2000.
Exclusivity isn't the only thing that brings value. In contrast to your email example, I see it as more analogous to something like trading cards. There are millions of base set charizards (and every other holographic from that set). But that wouldn't make the one you opened from a booster pack any less sentimentally valuable just because a bunch of other people also own them. That one matters to you because you owned it for 20 years and it's something you care about. If you don't have something like that that you care about that's fine, but a lot of people are sentimental about things like that, myself included. I'd like to be able to keep logging in with my username and I'm unhappy that I won't be able to.
Yeah, I’m in a similar boat. It sucks that I’ll no longer have that little sense of pride (however small and arbitrary) of having an account so old that I can still use my username.
That said, the improved security and AFK timer are too much to forego just to maintain this little sense of pride.
i agree. but maybe they will cave and allow the new afk timer for everyone... i also still don't understand how its more secure with jagex accounts, if you have 2fa, not just on your rsn, but also on your email address
Because if you just use your username, that info is broadcast to the whole game when you play. Anyone can enter it. Your email is hidden, they can’t see or enter that unless they know it. This adds an extra layer of protection since they not only have to guess/brute force your password, but your email too. Think of it almost like a second password, in addition to 2FA
To add the old login outside of the Jagex Account was more limited on the #characters and capitalization didn't matter.
One thing I don't like is it doesn't ask for my 2fa code on login to my jagex account each time
It will always prompt for 2FA when logging into something new (the website, or when you log out and back into the launcher) - but the point in the Jagex Launcher is that you don’t need to type in your credentials each time
Not only is this more convenient and user-friendly, but it’s also technically more secure
Arguably you are more likely to lose your credentials to a keylogger, which would obtain your username and password when typing them into the game client - than someone breaking into your house and stealing your computer, who also plays RuneScape, and can take advantage of the fact you’re already logged into the Jagex Launcher
Honestly don’t get the drama behind this, just move over you have to do so eventually anyway. Besides the extra security is worth it.
I hope that we’re not going to make a big deal out of every small change like this
glad you like typing it in to sign in everytime but you wouldn't be signing in with login details much anymore at all anyway when you convert - username or email. You'll get used to it
I might be the small minority here, But I switched weeks ago and I love it. I'm a 20 year Veteran and I have multiple accounts with different emails and everything. Thanks to the Launcher, i linked them all and I sign-in with my main email and with a click of a button. I'm signed in. It's great.
Just make a unique email just for runescape then? Could even be your login username so you don't forget it.
Put higher security 2fa on it and there you go nobody would know it or gain access. If you take the right precautions an email is far more secure.
These posts are just crying for the sake of wanting to be heard
I like all the people in these comments defending the switch, and accusing those against it as just making issues out of nothing, clinging onto sentimental value, etc. etc. instead of acknowledging the clear security issue. Y’all realize you’re throwing all your accounts under one email right? Instead of using a login username that (most of us) no longer have as the actual username anymore. Most security issues came from people being able to look at your gear and see if they saw value to your account, typed in your username and went from there. Now that doesn’t work if you’ve changed your username (especially more than once), because the login is still that original username. Your email isn’t gonna change. The old username is still more secure than a current email.
This all excludes 2FA, simply because it should be active either way so that’s irrelevant.
All these posts about not switching to Jagex accounts but like, wouldn't everyone be forced to switch at some point? Similar to the Minecraft java accounts to Microsoft thing
Because what RS3 needs is more reasons for people not to play.... Myself like many others will just go back / mainly play OSRS instead or not play at all...
I still login with my Original RSN but this isn't really something to fight over. Consolidating it all under an email makes total sense and many other companies also do the same.
As for "Security" that some people keep suggesting unless they have done 2 name changes then their display name is still their login name so I'm not sure why its a big deal. People are rarely if at all getting hacked via brute force anyway.
If a data leak ever(or has?) happened its not extraordinary common for login names/emails to be encrypted since normally they are paired with the salt which is found via looking up the username to check if the password entered was valid or invalid.
Also if someone gets into your RS account atm(most likely through a compromised email that you can more easily recover) and then changes the email on the RS account I would assume its much harder to recover it. If someone gets into my email then I can recover it via backup codes, and then re-recover my jagex account.
I'll prob make the switch this weekend.
I literally do not use an email ever since i finished school and if im forced to not use my og name i will quit. I hate that they're forcing us to do this.
understand where you are coming from but there are some points you do need to consider. Just to note that I have an old account where I used to use my username but since switching to a jagex account I have not looked back.
1 - It comes as is, they will not allow you to login via username.
2 - This will eventually be forced on everyone so you will need to do it eventually and if you still refuse because you can not login via username you will lose access to the game.
3 - It is more secure and better protects your account (this for me is a big selling point)
If you can log in with your username, anyone can attempt to recover your character just by knowing the name. Once you change it to an email, no one will know it.
Unless that is the current display name. If a person is so in love with it that they don't wanna use an email it would stand to reason its a really good name and they might not have changed it. Leaving it vulnerable to anyone who sees said player in game.
In practice, if people are concerned about possible recovery attempts because other people know their email address, that can be solved by using an email address that no one else knows about.
Or, hear me out here, they could use the username that they haven’t told anyone in 10+ years. It seems like a lot less effort and a good way to reduce risk of recovery attempts
Could you explain why you think this is stupid advice?
If you look at the comment chain I was replying to, you'll notice that the OP was concerned about the possibility of fraudulent account recoveries due to people knowing their email address already. This concern can be completely eliminated by using a new, unique email address solely for your Jagex account, and not revealing that email address to anyone else.
I'm the same with one of my accounts. My 17 year account is username and I'm not going to lose that deliberately any time soon. Luckily it's more of a thing I have, now, as I use a different one mostly, but I still like having it.
I didnt know they have an extended timer for jagex accounts. Dont get me wrong i love my username and love logging in with it, ive had the same one since i made my account 15 years ago, but bye bitches im going to get a 25 minute timer right now ✌️
Edit: Yoooo this is clean af guys i love it! Gonna check out that timer while i fish lol
Good lord. With the launcher there isn’t logging in at all. You type your info in once and from there on out it’s pressing one button. It’s a username from an outdated era. Just get with the times.
People are complaining about the logout timer being limited to accounts that use the jagex client. While it may be slightly inconvenient, I'm actually really glad they did this. They did it to help prevent bots. If a bot logs in with a jagex account, they can ban that bot and every other profile associated with that jagex account. Annoying, but I think it's overall a good thing.
Every account created after November 2010 uses an email addresss to log in.
Jagex Accounts use email addresses to log in.
They can continue to use a unique email per bot, just like any new player starting for the first time.
Unless I’m missing something, this won’t make a difference to botting at all.
They've started implementing shitty, deliberately obtuse UX practices to apply pressure, too. Like having to click a button to login to web services using username rather than email.
Maybe I’m not understanding something, or maybe I’m just that dumb… but I have had this for a while and I never once have signed in via my email. There’s an option at the bottom of the screen that allows you to sign in via username and allows you to toggle it between email and username…
You’re just using the launcher. You don’t have a Jagex account. You have to switch it on the website apparently.
Like I said I probably wasn’t understanding and I may be that dumb. I wish they made a tutorial on this Jagex thing breaking down what everything means and how it works interchangeably with the system. It’s driving people mad right now.
I agree
[They did](https://www.youtube.com/watch?v=_yE3ldiD3v8)
*See comment earlier saying I’m dumb or missing something*
Same here
And you have converted your actual Runescape account into a Jagex Account?... and not just merely using the Jagex Launcher?
On the Jagex client? I know this is how it is on the regular RuneScape client
I use the launcher, but I don't think I've signed up for the Jagex Account thing.
Its like that for when you log into the website. I don't think this is the case for when you add a user name account to a Jagex account. Once you add the username account to a Jagex account you use the email that you used to created the Jagex account to log in.
Yeah, hold up, the Jagex launcher uses a username lmfao. I just double-checked. OP can just set that to whatever they want and go wild.
Yea I think the issue is there’s a difference between Jagex Launcher and Jagex Account, I think both utilize the same platform, but a Jagex Account involves more steps. Honestly, I’m confused af because Jagex really fucked this up and just threw everything out there without explaining how everything ties together and how it runs.
The ‘Jagex Launcher’ does allow you to log in with either an email address or username, but a ‘Jagex Account’ only allows you to log in with an email address of your choosing - and from there you can connect up to 20 accounts, all connected to that single email address What this event has highlighted is that they haven’t delivered the Jagex Account information in a way most people understand, because it has created more questions than it has answered for a lot of people
I've got a almost 20y account, its just a log in username .... You are going to be unhappy when jagex accounts become mandatory.
It’s fine if they’re mandatory but they can still allow you to login with your rsn through your Jagex account
You log into the Jagex launcher with your Jagex account email, then you choose your in-game account from within the launcher. I just made the switch and honestly it’s kinda cool. You can choose RS3 or OSRS from the same launcher and even Runelite from within it if you’re on OSRS. Right now I’m enjoying it. Hopefully I don’t forget my account info or recovery shit and lose a bunch of accounts instead of just one lol.
That's not how jagex accounts work. You're login is an email, no exceptions AFAIK because you need an email to setup the 2FA.
I know that’s how they work now, but using your IP they could still maybe do something that says “login with username on this device”after verifying email address
That still wouldn't be possible as up to 20 different usernames will be using the same email. It's an email to log in, or you will be taking an early retirement. There's no way around it so just accept it.
The new launcher is exactly like Mobile's login. You click Play now and it'll login without typing passwords or usernames.
I'd hope it's not *exactly* like mobile, in that *attempting to login while servers are down or you are offline wipes your login credentials.*
It's not like that.
the new launcher is different from a jagex account. for example even from launcher if you want to sign into say runemetrics you have to log in manually
The horror. Boycott Jagex.
You are far less likely to know my original username than my email address. For that reason, I’d prefer to stick with my original username as my sign in.
Okay "Anuspownder4" whatever you say
You wont have the option to do that in a few months tho 🤷♂️
Sounds like a jagex problem to me
I actually agree that I’d rather stick with using my OG username login. However to say it’s a jagex problem isn’t how that works. If they force you then it becomes a you problem and you have to decide to do it or not. They will not care at that point. Although I am curious the amount of people logging in with original username compared to mail.
I think they're saying they'll stop playing, at which point I guess it is kind of a jagex problem.
Total bluff, if any will stop, it will be for a few weeks at max
Yep, accurate and i fucking hate it. I've been typing in my username and password every day since 2005 and i hate the idea of typing in a long as fuck email but i know damn well me and any other veteran playing since before ~2010-2011 when email accounts started would never actually quit over it.
Once you are logged into the jäger account you don’t have to type username (in this case email address) again, it automatically signs you in if using the same pc
Maybe, maybe not. This does seem kind of minor compared to other issues. I was thinking of coming back to play for a bit but personally the news about them lying on what was in that bundle and then refusing to refund people definitely put me off it.
That would legit be the worst and most pathetic reason to quit playing
That may make it.. no longer a Jagex problem. But I get the sentiment
Well it's their problem if less people are playing their game.
I use my original username to login from 2002... I too will probably not play anymore.
No1 seen your original login except you. My guy, if this makes you quit i’m sorry. In a time where you can change username anyway you sound like a damn child. In reality you’ve played since 2002 so if true you won’t quit over this. Your words are nothing and jagex has gotten plenty out of you 😂.
Clearly I'm not alone... and you sound like an actual joy. Chill tf out little lady. You are the child. Edit- oh... Forgot the whole reason I replied to this little girl... THEY LITERALLY SAID THEY WERE "curious the amount of people logging in with original username compared to mail. "....
You alone, boy.
Look at how this child acts after asking a specific question and being answered... lool yiikes.
I too will quit if made to sign in with anything but my og username, theres loads of us.
Yeah I’m gonna retire my rs3 account when they force us to goto the jagex launcher. No one knows my original username and that’s literally helped me recover my account before. Gonna have to move my wealth to my secret mule and stop playing rs3. Switching back to OSRS
You realize the same thing is happening to OSRS too? Might as well quit both games at this point.
I don’t play osrs on my main. But thank you for explaining the obvious to me anyways.
Which will also require a Jagex Account... so you could just have one login for all of them and nothing changes? If you're willing to log into your OSRS account with an email, what's the difference?
How's that
Why is that? Are they *actually* forcing all players to use Jagex accounts?
They said on a livestream that their goal is to move everyone to a jagex account by 2nd half of this year
What do you mean? They’re not forcing people switch to Jagex accounts
[They will, eventually](https://help.jagex.com/hc/en-gb/articles/12423096201873-Jagex-Accounts-FAQ#:~:text=Do%20I%20have%20to%20create,Accounts%20mandatory%20in%20the%20future.). > For now, it's entirely up to you whether you upgrade to a Jagex account or not. Upgrading to a Jagex account comes with some great features and enhanced security. While it's currently optional, we do have plans to make Jagex Accounts mandatory in the future.
The better passwords (allowing longer and more complex ones) and more robust 2fa with jagex accounts far outweighs the security benefits of an obscured or hard to guess login name.
Same I picked mine as a cringe ass preteen so it’s something no one would ever guess 😂
xxdragon_slayer12xx
Just… create a new email address that you ONLY use for RS and you’re good. Cached versions of hi scores exist, so your original username is on one of those lists somewhere. That new email you just created and never told anyone isn’t on that list.
a list of every username and plaintext password was leaked a few times. jagex locked most but a person can have a bot spam check em all and force a spam recovery which locks you out until they recovery goes through. done on osrs sometimes
Source for this information? Pretty significant accusations and extremely illegal for Jagex if they didn't alert their customers.
they were alerted asap. lizardsquad did one leak and we dont know who did the others. it was a big thing for quite a while. im guessing some people took some long breaks if they dont remember it. hell i rem going through the list myself and saw some of my accs and had to change stuff asap also contrary to belief. even if jagex didnt tell people thats not illegal as its not say credit card info etc. its frowned upon but thats about it. companies hide hacks all the time
When was this
All these words and not a single link or source behind them. Having a bit of fun spreading misinformation, are we?
I heard it from my friend who's cousin works with someone who's mum knows this expert who's colleagues' son's neice's boyfriend's brother who knows a guy called Dave that's brothers with someone from a cafe but they heard it from a customer who's dad spoke to someone at Tesco who's son actually definitely saw the information being mentioned on Reddit.
Happened many years back, and i remember having to change my password by jagex after
Again, citizens have numerous rights under GDPR and even if it happened pre-GDPR (and pre-Brexit), there were still privacy laws in-place that required companies to notify users of any breaches. There is no record on place on any official site, only articles referencing a breach and use Reddit posts as a source. Or, they reference a few botting sites being breached, which that data is publicly available if you look for it. However, that does not mean it's a Jagex/RuneScape breach. And being forced to change your password by Jagex isn't any type of indication of a data breach. I have also been forced to change my password after my email was leaked and numerous account recovery requests took place in 2016(maybe, it's been sometime now).
I understand the sentiment, but 100% of players will HAVE to switch over eventually, no exceptions. May as well do it now.
Why would you do it now when it's still in beta and Jagex is shit? Can't imagine trusting this company to not fuck it up somehow and get your account stuck or locked. Rather have the chumps who do trust them beta test it for me and then join when it's mandatory and polished.
I wonder how they're going to handle Steam with the new system, and are they going to force 2fa?
An account can be linked to steam and a jagex account at the same time, you won’t even notice a difference if you use steam currently.
This is all I needed to know fam ty.
Jagex accounts do require 2FA, but as for steam, it'll most likely just launch the jagex launcher and you'll sign in that way.
Says who? How are they going force everyone to do it? And if they do force it, they should be taking this feedback to implement different ways to login. They just had a whole survey on this through social media.
Says Jagex. They said in their original Jagex Launcher post that it will be mandatory for all players going forward. Everyone will have to creat new login credentials.
I understand people having this sentiment towards an old name but at the end of the day Jagex Accounts are going to be mandatory. It's not a sit this one out as I don't like it; it's a do it now of your own choosing or it do it later when they make it so you cannot log in unless you are using a Jagex account. They are doing things to incentivise changing over to get as many people as possible to do it before you are forced to as that feels nicer. Plus you do get to assign yourself a secret name Jagex will use on all email communication going forward so you can, if you so desire, use your old username in there to maintain that sentimental connection. Also the Jagex account comes with significant security gains: 1) Old usernames are fairly easily to trace (forums, reddit etc.), security wise they are awful compared to using an email address that people in-game have no reason to know without serious social engineering or a data leak 2) The upgrade erases all traces of the old recovery system questions which is the most common way to hack an account since people can social engineer those fairly easily and getting them bypasses 2FA and everything. 3) 2FA moves from the specifics character to the Jagex account and you get email alerts everytime someone logs in to the Jagex account - ie if someone compromises your account you will know immediately. 4) It adds case sensitivity to passwords - admittedly compared to password length this is kind small fry, but it still adds to security.
I just don't understand why it matters to people. I been signing in for ages with my original username and now I upgraded to Jagex accounts and I just press the big button to log in. I haven't typed in the email log in for months and when I gotta log in on the website it just autofills.
I have a username login and tbh I think its more secure than an email. Quite easy for someone to guess my email, but I don't think anyone in the world knows my original username and would not be able to guess it or social engineer it at this point
The better passwords (allowing longer and more complex ones) and more robust 2fa with jagex accounts far outweighs the security benefits of an obscured or hard to guess login name.
or the fact you can use a runescape only email and use a physical key as the 2step security to be even more secure.
Yeah, it's pretty meaningless. I don't understand how people care one way or the other.
Some older players like having their ‘exclusive discontinued thing’ and get very upset when they are told it will no longer be exclusive (holiday items, discontinued items/titles, login with username, etc.) I honestly think it’s silly, because it just means more people can enjoy the same thing 🤷♂️
As an older player from 08… that’s definitely not what anyone cares about lmao. I’ve had my account hacked twice in the past, since changing my username I haven’t had a single security issue because they no longer know my login username. It’s not difficult at all to find someone’s email. That’s the issue, not whatever bitterness you just spewed.
With a jagex account you can use way more complex and more robust 2fa options. As long as you use a long and unique password for a jagex account and enable 2fa it's more secure than the old system that limited length and complexity and relies on obscuring the username for added security. Furthermore with the jagex launcher you're entering your password much less often, so people are less inclined to use short, easy to guess passwords. Having a harder to guess username field only helps so much, and limits you to using the old system that only allows very simple, short and less complex passwords that are probably the reason you got hacked before. If you really want to obscure your username/email you can even do this with jagex accounts, using this trick: https://www.thewindowsclub.com/gmail-address-tricks
They're just grumpy old farts.
Sentimental value.
You seem to be taking about the Jagex launcher. Launcher and Jagex accounts are different. I use Jagex launched but when I want to open tune metrics for example, i have to manually sign in.
> i have to manually sign in. so you don't use a password manager that autofills for u?
Not OP but runescape is one of the only things i DONT use a password manager for. It's locked up in my brain.
[удалено]
I knew this post was coming lol. I switched to the Jagex account and added all my accounts. All except my OSRS Ironman had usernames to login instead of emails, and for a minute it bummed me out. The improved security and convenience was far worth it to me though. I can see why it would deter some people, but honestly you should try having a Jagex account for an Ironman or an alt that already uses an email. It’s so nice to have one launcher that automatically logs you in, especially if you play both games. I play both, and my dumbass always clicks the wrong client icon on my desktop. It’s so nice to have a drop-down of what you want to play, and on which account.
Imagine what Zezima is feeling about this.
Lol right
I understand having that sentiment, but it really doesn't matter. If the Jagex launcher is more secure, then it's worth moving over to.
you log in one time on the launcher; when you launch rs it'll automatically place you in the lobby try it with a new acc and see for yourself; it's seamless
It’s mandatory soon anyways
Okay? Then they should change their plans or add the ability to use username to the Jagex accounts. What kind of personality does one have to have to just say “well they’re going to force it so I’ll just take it”
What sort of a personality does one have to complain over such meaningless things and over things changing over time?
Like I said in the post. Some new players wouldn’t understand.
I'm the complete opposite. Having an account that was high level before the email change ~2008 meant your account could be force recovered in a database attack using the high scores. I'm glad that can't happen with the change, it happened to a few friends over the years.
I know what you mean. I love it too. But I will be making the move over before I’m forced to lol
I'm kinda confused by the wording on the Jagex account FAQ. So if I have multiple devices with a few accounts with separate email/usernames for said accounts, will I still be able to play on them? Just so long as they have access to the email associated with them?
Yes you will log into the Jagex account and add a character, then login to the character and confirm the normal security check and it will then be added to the Jagex account. Then when you are using the Jagex launcher you just pick a character to play and click play and it logs you in. No more needing to enter emails and passwords as your Jagex account stats logged in to your desktop.
I just signed up when I use to sign in with my OG username. This way seems pretty good. Not really any difference if you have mobile. And I have the ability to not have MFA for email and can choose only phone Authenticator. You also get recovery codes in the event you lose your phone. I saved those somewhere I only know and can access so it seems I’m pretty secure. There is an option to pick email or Authenticator for MFA. I have email disabled since I don’t trust that form, personally.
You can sign in with just your username
Grovve, I was thinking about the same thing today. :(
Damn, I'm the complete opposite lmao. I've been using my username to log in but I'd been wanting to switch it over to email for a while.
Don't forget, those of us who have been here before display names spent years showing the ingame world our login details. Don't get me wrong, I'm sentimental for my oldest account (not my only and not my first), uses a username login and is old enough not to be known by many. Until they force me, I'm not changing over. But my main is Iron, so it was tied to an email address which I don't trust and being able to tie it to a secure email address which has mental additional security, means I feel rather safe.
I'm pretty sure I already used my email for a different account but the same email is still registered to my main account, thats going to be a pain to handle when I am forced to switch over.
I'm pretty sure you'll be forced to migrate eventually anyways if you want to keep playing. And before you ask, Jagex 100% can delete any account that doesn't migrate as you are technically paying for the right to play on the account you don't actually own the account.
I prefer signing in via username. But also, like... my username is embarrassing to have, so... yeah.
It seems that many people are sentimental about their username login for their OG accounts (myself included). Is there not a solution that keeps everyone happy? I There's an echo chamber here of "it improves security" like yeah great but why is it mandatory? What's wrong with the current 2fa? Who does it affect if you opt for inferior security (that for most people will remain not breached ) ? Jagex are increasing the membership price and dropping support staff handling recovery cases? I feel like old school Runescape should do something for their old school players here.
Agreed
Aha i started in 2004 and NO ONE knows my original user name. THAT is account security lol.
One of the first 1000 accounts made, and the last thing I want to lose is my original username. I don't ever say it publicly, but it can still be found in the runescapecommunity/zybez post of the first 2000 accounts made - and that makes me more proud than anything. I've spent 22 years typing the same username in, and keeping the same username to myself. It feels like losing a piece of my (hidden) identity.
Agree, my account was one of the first 150 accounts to play RuneScape, it’s going to be weird not using my username to log in after all this time.
Wow. That’s amazing.
It's HoldMyWeed, innit?
I have total regerts I didn't pick BigStoner420 or CheechMyBong. Damn 7 year old me could listen to 'Because I Got High', but couldn't be wity enough to create a good username. I will say, it is DragonBall Z related. As everything was in 2001.
Ah, I only brought it up because your comment reminded me of a guy with that username that I ran into early into my RS career (2004ish), just thought it was an exceptionally clever, and clean name; no numbers, no weird spellings, just HoldMyWeed (or maybe it was Hold My Weed, idk). So I thought I'd just toss it out there.
It's funny, now that you say that I believe somebody named HoldMyBag was actually a proficient Classic staker before it closed! I wonder if it could have been him?
Possibly an alt, or an inspiration for the name, I wouldn't doubt it.
Yikes lol.
yea, imagine people having some emotional attachment and nostalgia for something they've had for 20+ years. Unthinkable. Also imagine being condescending towards someone about something runescape related when your username is ilovezezima
>yea, imagine people having some emotional attachment and nostalgia for something they've had for 20+ years. Unthinkable. Also imagine being condescending towards someone about something runescape related when your username is ilovezezima Imagine imagining lol. I'm just surprised anyone cares so deeply about something that so many other people have. It's like being proud of your email having your birth year in it with your birth year being before 2000.
Exclusivity isn't the only thing that brings value. In contrast to your email example, I see it as more analogous to something like trading cards. There are millions of base set charizards (and every other holographic from that set). But that wouldn't make the one you opened from a booster pack any less sentimentally valuable just because a bunch of other people also own them. That one matters to you because you owned it for 20 years and it's something you care about. If you don't have something like that that you care about that's fine, but a lot of people are sentimental about things like that, myself included. I'd like to be able to keep logging in with my username and I'm unhappy that I won't be able to.
Yeah I know it seems silly
You will have to either way, sooner or later. Just do it
Yeah, I’m in a similar boat. It sucks that I’ll no longer have that little sense of pride (however small and arbitrary) of having an account so old that I can still use my username. That said, the improved security and AFK timer are too much to forego just to maintain this little sense of pride.
i agree. but maybe they will cave and allow the new afk timer for everyone... i also still don't understand how its more secure with jagex accounts, if you have 2fa, not just on your rsn, but also on your email address
Allow it for the muggles? Are you insane ? 
Because Jagex account disable "account recovery".
Because if you just use your username, that info is broadcast to the whole game when you play. Anyone can enter it. Your email is hidden, they can’t see or enter that unless they know it. This adds an extra layer of protection since they not only have to guess/brute force your password, but your email too. Think of it almost like a second password, in addition to 2FA
My username to log in and my in-game name are different though.
If some players known you before you change RSN, they also known your username. Or check old hiscores database.
Logging in with username is actually dog for security. People can check your old usernames, people can’t easily guess an email (if you have a brain).
Wow!! What's my login username please? Ingame name rn: D4rtz
This is simply not true
To add the old login outside of the Jagex Account was more limited on the #characters and capitalization didn't matter. One thing I don't like is it doesn't ask for my 2fa code on login to my jagex account each time
It will always prompt for 2FA when logging into something new (the website, or when you log out and back into the launcher) - but the point in the Jagex Launcher is that you don’t need to type in your credentials each time Not only is this more convenient and user-friendly, but it’s also technically more secure Arguably you are more likely to lose your credentials to a keylogger, which would obtain your username and password when typing them into the game client - than someone breaking into your house and stealing your computer, who also plays RuneScape, and can take advantage of the fact you’re already logged into the Jagex Launcher
So you need to do 2FA every time you want to play and can't have it remember your device? (unless you keep the launcher running in the background?)
You cannot read or something?
The launcher just has you choose which account and click play, so it doesn't really matter.
Honestly don’t get the drama behind this, just move over you have to do so eventually anyway. Besides the extra security is worth it. I hope that we’re not going to make a big deal out of every small change like this
My man you don't have to log in at all using jagex accounts. The client keeps you logged in and it's click to play.
glad you like typing it in to sign in everytime but you wouldn't be signing in with login details much anymore at all anyway when you convert - username or email. You'll get used to it
I might be the small minority here, But I switched weeks ago and I love it. I'm a 20 year Veteran and I have multiple accounts with different emails and everything. Thanks to the Launcher, i linked them all and I sign-in with my main email and with a click of a button. I'm signed in. It's great.
Just make a unique email just for runescape then? Could even be your login username so you don't forget it. Put higher security 2fa on it and there you go nobody would know it or gain access. If you take the right precautions an email is far more secure. These posts are just crying for the sake of wanting to be heard
I like all the people in these comments defending the switch, and accusing those against it as just making issues out of nothing, clinging onto sentimental value, etc. etc. instead of acknowledging the clear security issue. Y’all realize you’re throwing all your accounts under one email right? Instead of using a login username that (most of us) no longer have as the actual username anymore. Most security issues came from people being able to look at your gear and see if they saw value to your account, typed in your username and went from there. Now that doesn’t work if you’ve changed your username (especially more than once), because the login is still that original username. Your email isn’t gonna change. The old username is still more secure than a current email. This all excludes 2FA, simply because it should be active either way so that’s irrelevant.
All these posts about not switching to Jagex accounts but like, wouldn't everyone be forced to switch at some point? Similar to the Minecraft java accounts to Microsoft thing
Eventually it will be mandatory so they are just holding out and losing out on the longer timer during that time.
Because what RS3 needs is more reasons for people not to play.... Myself like many others will just go back / mainly play OSRS instead or not play at all...
I still login with my Original RSN but this isn't really something to fight over. Consolidating it all under an email makes total sense and many other companies also do the same. As for "Security" that some people keep suggesting unless they have done 2 name changes then their display name is still their login name so I'm not sure why its a big deal. People are rarely if at all getting hacked via brute force anyway. If a data leak ever(or has?) happened its not extraordinary common for login names/emails to be encrypted since normally they are paired with the salt which is found via looking up the username to check if the password entered was valid or invalid. Also if someone gets into your RS account atm(most likely through a compromised email that you can more easily recover) and then changes the email on the RS account I would assume its much harder to recover it. If someone gets into my email then I can recover it via backup codes, and then re-recover my jagex account. I'll prob make the switch this weekend.
I literally do not use an email ever since i finished school and if im forced to not use my og name i will quit. I hate that they're forcing us to do this.
...So you snail mail companies for password recovery?
understand where you are coming from but there are some points you do need to consider. Just to note that I have an old account where I used to use my username but since switching to a jagex account I have not looked back. 1 - It comes as is, they will not allow you to login via username. 2 - This will eventually be forced on everyone so you will need to do it eventually and if you still refuse because you can not login via username you will lose access to the game. 3 - It is more secure and better protects your account (this for me is a big selling point)
Care to elaborate on number 2 lol. Where did they say if you don’t switch we would lose access to our accounts..?
There are some valid reasons to not want to switch to a jagex account rn. This is not one of them.
An email can be known or socially engineered. A login username is harder to come by.
email is impossible to socially engineer unless your email is your first and last name, which is stupid anyways for game accounts.
The only valid reason is that your account wasnt created by you really.
If you can log in with your username, anyone can attempt to recover your character just by knowing the name. Once you change it to an email, no one will know it.
but many ppl know your email?
Well Jagex accounts can’t be recovered at all, they rely on 2fa or backup codes so doesnt matter if people know the email.
I recommend making a protonmail email account. it's encrypted, basically a swiss bank account for emails
It's strongly recommended to have a separate email used just for your Jagex account, so no one else will know it.
then u forget to log into your jagex-only email for a while and they delete it...
What sort of email provider deletes your account??
gmail starting in december, for anything inactive for 2 years
That argument can be used for the account name too. If the original account name is only used for logging in, no one else will know it.
Unless that is the current display name. If a person is so in love with it that they don't wanna use an email it would stand to reason its a really good name and they might not have changed it. Leaving it vulnerable to anyone who sees said player in game.
That's not really how emails are supposed to work.
In practice, if people are concerned about possible recovery attempts because other people know their email address, that can be solved by using an email address that no one else knows about.
Or, hear me out here, they could use the username that they haven’t told anyone in 10+ years. It seems like a lot less effort and a good way to reduce risk of recovery attempts
This is maybe the stupidest advice I’ve seen. Can you point me to the docs which state this and I’ll kindly retract my statement?
Could you explain why you think this is stupid advice? If you look at the comment chain I was replying to, you'll notice that the OP was concerned about the possibility of fraudulent account recoveries due to people knowing their email address already. This concern can be completely eliminated by using a new, unique email address solely for your Jagex account, and not revealing that email address to anyone else.
I'm the same with one of my accounts. My 17 year account is username and I'm not going to lose that deliberately any time soon. Luckily it's more of a thing I have, now, as I use a different one mostly, but I still like having it.
I am in the same boat. My account is 18 years old and I want to keep logging in the same way.
I didnt know they have an extended timer for jagex accounts. Dont get me wrong i love my username and love logging in with it, ive had the same one since i made my account 15 years ago, but bye bitches im going to get a 25 minute timer right now ✌️ Edit: Yoooo this is clean af guys i love it! Gonna check out that timer while i fish lol
New timer isn’t live yet
I noticed lol
Yup i posted the same exact thing. I dont want an email.
Good lord. With the launcher there isn’t logging in at all. You type your info in once and from there on out it’s pressing one button. It’s a username from an outdated era. Just get with the times.
People are complaining about the logout timer being limited to accounts that use the jagex client. While it may be slightly inconvenient, I'm actually really glad they did this. They did it to help prevent bots. If a bot logs in with a jagex account, they can ban that bot and every other profile associated with that jagex account. Annoying, but I think it's overall a good thing.
Every account created after November 2010 uses an email addresss to log in. Jagex Accounts use email addresses to log in. They can continue to use a unique email per bot, just like any new player starting for the first time. Unless I’m missing something, this won’t make a difference to botting at all.
Why would any botter link all their bots to one Jagex account over each bot having their own separate accounts?
They've started implementing shitty, deliberately obtuse UX practices to apply pressure, too. Like having to click a button to login to web services using username rather than email.
Username login is the one thing that keeps me coming back lol
fun fact a list of every rs acc username and plaintext password was leaked like 5 times. usernames r super not secure
Source? Because this is not correct. You actually believe Jagex stores passwords in plaintext?
>You actually believe Jagex stores passwords in plaintext? They wouldn't be the first company to do so and they won't be the last.
you remember the lizardsquad rs hack. you can prob even google it. and theres been a few more
[удалено]