From the RuneScape Wiki, the wiki for all things RuneScape
Jump to: navigation, search

A Password is a set of characters which is used to gain access to an account. It is recommended that your password does NOT relate to anything close to you, such as a favourite animal or the address of your house. Rather, it is more recommended that you name your password after a famous person's birthday or something similar that can be re-looked up in the case you forget. A combination of letters and numbers will make a good password.

Never tell your password to anyone. Anyone that attempts to ask about your password should immediately be reported for Rule 3. There is also a system that prevents any IP address from accessing any RuneScape account if five or more incorrect passwords are tried in succession, doing that can be recognised that you are on a hacking attempt.

Your password is NOT blocked either on RuneScape or on the forums.

Prior to some time in 2018, the chat censor would filter any text that had your EXACT password included in the text. Attempting to do so resulted in the words not appearing as usual in the chat box or on top of your character's head. Instead, the dialogue popped out in the chat box: You appear to be telling someone your password - please don't! If you are not, please change your password to something more obscure! The filters could not filter your password if you said it backwards, or with a space in-between the letters.

On 9 January 2009, Jagex released an update to make people who had one of the 500 most common passwords to change it. These people could not log on until their password was changed.

Authenticators[edit | edit source]

If possible, use authenticators in addtition to passwords to increase the security of your account.

Changing your password[edit | edit source]

To change your password hover your mouse over "Account" on the bar located just below the advertisement on the Runescape home page, then select Account Management option from the drop down box that will appear. An option to change your password will then be shown. When selected, this will redirect you to a Jagex site where you will be asked to enter your present password as well as your new password. Once accepted, the new password takes effect immediately.

It is strongly advised to run virus protection software prior to changing your password, especially if you suspect your computer might be infected by a keylogger or you have any other security concerns, or use a different computer of which you know it is secure.

General password security[edit | edit source]

The following uses content directly from the RuneScape website.

  • DO NOT pick any word or number which has a connection to you, so don't pick your favourite animal or your house number.
  • DO NOT use your phone number or any personal information as your password. This can be easily guessed by a friend or relative.
  • DO NOT just use a number at the end of a word, such as apple1.
  • DO NOT use common number and letter substitutions e.g. 4 as the word 'for', 1 as 'L' or 'I', 5 as 'S'
  • DO NOT use repeating characters 'bbbbbbbbbb' or series of characters such as 'kbkbkbkbkbkb' or also something like 'rs2rs2rs2rs2'.
  • DO NOT use your real name, account name or name of an item either forwards, backwards or divided up.
  • DO NOT use a series of characters off any keyboard such as 'adfsghd', 'lkjhgf' or 'qazwsxedc', as these are very common and hijackers will look for these.
  • DO NOT fall for users saying that the system will censor your password.
  • DO NOT give your password to anyone. This includes any friends, relatives, or other player. If asked in-game for it, report the player under Rule 3 - Password Scamming.
  • DO NOT use a password that you've previously used on your account.
  • DO NOT combine your RuneScape password with other things such as your E-mail account. If the password for one is discovered, access to your RuneScape account becomes much easier for hijackers.
  • DO NOT use your RuneScape password a second time for an account on another website, or for secondary RuneScape account.
  • Be careful about keeping your RuneScape password in places where it may be accidentally discovered, like in a Microsoft Word document.
  • Passwords must range from 5 to 20 characters. The more characters there are, the likelihood of having an account stolen is significantly reduced.
  • Passwords should not be entered if there is someone directly behind you. Long passwords with no discernible pattern of words and numbers like "ag955gop233xz521" are very difficult to memorize at a glance. Do not use ag955gop233xz521 as your password, since this might be guessed by an account hi-jacker.
  • Jagex moderators will never ask you for your RuneScape password. Any player who claims to be Jagex staff should be reported either for Rule 3 - Password Scamming, or Rule 5 - Jagex Impersonation.
  • Passwords should never be entered on any website besides,,,,, and Many non-legitimate websites have keyloggers, which record and steal players' passwords. The same rule applies to RuneScape fansites as well - including the RuneScape Wiki.
  • It is advisable to change your password every 3 to 6 months, so long as you keep it safe.

The cheats and scams page can teach you many common scams to be aware of.

Update history[edit | edit source]

This information has been compiled as part of the update history project. Some updates may not be included - see here for how to help out!
  • update 29 January 2002 (Update):
    • Password options have changed.
      • You can now press 'reset recovery questions', type in your new ones, and then in 2 weeks if nobody has opposed the change they switch over.
      • For that 2 weeks each time you login it will tell you that someone is trying to change the recovery questions. If it wasn't you who requested the change you can cancel it, and then change your password quick!
  • update 23 June 2001 (Update):
    • Improved password box to allow up to 20 characters.