Runescape Disallows Weak Passwords


I haven’t played Runescape in ages but I still poke over there ever so often.  I noticed today that the admins are disallowing the use of 500 simple passwords.

I have to admit that’s gotten me thinking about other platforms that I use.  Almost all of the platforms use some form of security for saving their passwords. (I throw that in there since Runescape doesn’t actually say that they’re doing that.  I do hope the passwords aren’t stored in plain text like some programs I’ve used in the past are.)

I would think that it would be fairly easy to create a script to runs through all of your users and sees if what’s saved in the database for their encrypted password matches a list of predetermined passwords already encrypted.

Getting those folks who do make a match to redo their password would then have to be programmed.


Leave a Reply

Your email address will not be published. Required fields are marked *