TruthScape.com  9  The Truth About RuneScape Account and Password Scamming and “Hacking”       9  How to Improve Your Account Security

How to Improve Your Account Security Use a PIN for Your Bank - and Choose a Good One

If you think of your RuneScape account as being like a car, and your gold and items as being the contents of that car, then your password is like your car's security system. Keys that are hard to duplicate, electronic security features and an alarm system, can all make cars (and their contents) harder to steal; likewise, better RuneScape passwords make accounts harder to steal.

Many people don't know how to choose a good password, so I'm going to give you some advice here on how to do exactly that. This information will help you in securing all of your online accounts, not just on RuneScape!

Important Note: Before I go any further, I must warn you, do not to use any of my example passwords. The fact that I have used them here means thousands of people have seen them, which makes them insecure!

Passwords that can be easily figured out are said to be weak, while good ones are called strong. Here are some specific tips for creating strong passwords:

• Use a String of Characters: An ideal password should appear to anyone else as a random jumble of letters, numbers and symbols with no inherent meaning. For example “wE2m8*_q” is a pretty decent password, while “maple_leaf” is not.
  
  
• Use at Least Six Characters: All else being equal, the longer the password, the stronger it is. The password should be at least six characters in length.
  
  
• Mix Together Letters, Numbers and Symbols: The more different types of symbols, the stronger the password. For example, “iloveyou” is a weak password; “i%L0v3_Yu!” is a lot stronger (though not perfect.)

Many people try to take “short cuts” by creating passwords that are easy for them to remember, but they do this by making them too simple. Avoid these common mistakes:

• Don't Use Common Words: Do not use any words that are in an English dictionary, nor the dictionary of any other language. If you can look it up, so can someone else.
  
  
• Don't Use Common Words Plus Digits: Adding a number after a common word still doesn't make a secure password. Okay, perhaps “fletching22” is stronger than just “fletching”, but both are very weak passwords.
  
  
• Never Use Personal Information: Never use any part of the following as your password: your RuneScape user name, real name, phone number, address, social security number, and so forth.
  
  
• Never Use Names of Other People: A lot of people use the names of their wives/husbands, girlfriends/boyfriends or children as their passwords. These are very weak passwords, because so many people do this, and there just aren't that many common names out there. In fact, a lot of password guessers just use random girls' names when trying to crack passwords. (And no, adding a digit or two after it is not good enough.)
  
  Don't use the names of fictional characters either.
  
  
• Avoid Repeating Digits: A password like “qqqqqqqqq1” may have ten characters, but it's not nearly as strong as a proper ten-symbol password.

You can probably see from these guidelines the general rule of thumb here: the more complex the password, the stronger it is, while the simpler the password, the weaker it is. However, there's a trade-off also, because if you make the password too complex it can be a pain to type in, and easy to forget. To take one of my examples from above, typing and remember “iloveyou” is a lot easier than dealing with “i%L0v3_Yu!” on a daily basis.

Ideally, what you want is a password that is complex, but created in such a way that it means something to you but not others. This way you can remember it, but others will have a hard time figuring it out. Here's one technique that works (again, do not use my example!):

1. Think Up a Sentence: Think of a sentence that means something to you personally, preferably one that contains a number in it. For example, suppose you are a big fan of a rock group called the Drunken Vegetarian Zombies, and they currently have five albums out. You could start with “The Drunken Vegetarian Zombies have five excellent albums”.
   
   
2. Convert to a Password: Convert the sentence to a password by taking the first letter of each word and using a digit for the number: “TDVZh5ea”.
   
   
3. Change Upper and Lower Case: This example has a decent mix of upper and lower case letters, but if your initial password doesn't, change one or two of them. So we could make “TDVZh5ea” into “TDvZh5Ea”.
   
   
4. Add Symbols: Convert some of the letters and numbers to special characters, or add some symbols, to make the password more secure. Some might do this with “leetspeak” substitutions (“4” for “A”, “3” for “e”, etc.). For example, you could change “TDvZh5Ea” to “T_DvZ_h5E@”, where I added some underscores and changed the “a” to a “@”.

If you want to test the strength of your new password, you can use this online password checker on Microsoft’s web site. (Yes, I normally tell you not to enter your password on any other site, but this is, I believe, safe. If you like, modify the password slightly once you are convinced that the general structure you’ve come up with is good.

How to Improve Your Account Security Use a PIN for Your Bank - and Choose a Good One