And people keep telling me im retarded when I post about the massive security exploit problem jagex has.

You guys don't understand what I've been posting all week, if the hackers know your username and some of your earlier passwords you are FUCKED.

2Step and Authenticator mean nothing for fuck sake ever since jagex brought in the "appeal recovery" system, anyone can appeal anyones account and with the right info you will get access to someone's access even if they have 2step on their email + RuneScape account

Before this security update which happened like 3 months ago you would be impossible to hack with 2step and authenticator, even if they had your current password and email password they still could not log in because of that. And there was no other way to reset your password. Only via email but with 2step it's impossible.

Now they dont even fucking need access to your email man, if they know your username, some real life information about you they can try as many recovery attempts as they want.

/u/jagexinfinity Do you guys not understand that this is being abused, I will quote a twitter from a well known RS hacker from a few months ago, this is what he said:

"lol @ jagex removing the biggest security they had, 2-step emails mean nothing now lel, now the real deal is beginning ty"

And yet you guys dont listen, people like him can just attempt and try to hack any account they want. I've been following and stalking his twitter etc for a few weeks now and coincidently more and more people I know have been hacked by him, they all had 2step and authenticator.

Chances are you wont remember the password you set on your account in 2005/2006, chances are also that hackers have access to databases where you are in from 2005 and can use that against you. (Yeah you should not use the same pass everywhere but chances are you did in 2005 since the net wasnt this big.)

Sorry for your loss OP, you got fucked by jagex's system