- Joined
- Jul 26, 2013
- Messages
- 3,046
- Thread Author
- #1
Here at RuneMate there is nothing we take more seriously than account security. We have implemented the Advanced Encryption Standard to compliance levels comparable to those of the medical and defense industries. We passionately encourage the usage of Two-Step Verification and have rigorous system level checks to ensure that both our and your precious data and assets are kept private. Our software stack is updated weekly and security patches automated to ensure we don't receive an unpleasant surprise.
These measures have proven very fruitful over the last two years and we expect our breach-free streak to continue indefinitely. However, there is only so much we can do without best practices being followed by our industry colleagues and users. We need your help to protect you.
These measures have proven very fruitful over the last two years and we expect our breach-free streak to continue indefinitely. However, there is only so much we can do without best practices being followed by our industry colleagues and users. We need your help to protect you.
Best Practices
- Enable Two-Step Verification (also known as Two Factor Authentication) not only on RuneMate, but also every site that offers it. It is a proven method to significantly reduce the risk of account breaches.
- Never re-use the same password on multiple sites. Use either completely randomly generated passwords that are managed by an industry-tested password manager, such as LastPass or 1Password, or unique passwords that are easy to remember. While I strongly suggest the first option, if you opt to manage your own unique passwords then a good way to keep track of them is to use a non-trivial formula for making your password. For example, instead of using "cocacolaISgr8" for Facebook and Twitter I could use "FcocacolaISgr8B" for Facebook and "TcocacolaISgr8R" for Twitter.
- Password length is far more important than password complexity. I'll let Intel's info-graphic explain this one.
- Be mindful of who you trust. If a website looks poorly made and looks untrustworthy it probably is. When a publisher puts their heart into design and user experience, it's a fair assessment that they care about you and your security. Unfortunately, the inverse is just as true. This fact is particularly important in this scene where I have heard far too many horror stories about passwords being stored in cleartext and mass hacks simply because developers did not put the effort into preventing it. I am not discouraging you from trying our industry colleagues out, but simply re-emphasizing the importance of following these best practices, especially #2.
- Maintain a running anti-virus and firewall software from a reputable vendor on your computer at all times. Nobody, I repeat nobody, is above this rule, regardless of computer savvy or intelligence. My personal favorite is Malwarebytes, but Kasperky, Panda, and many others are all good options. Just as important is staying away from vendors who have a history of poor performance, like
McAfeeorAvast.
Last edited: