How To Get Runescape Authenticator On New Phone

The warning players become if they practice not have Authenticator active on their business relationship.

The RuneScape Authenticator is an additional layer of protection players can utilise on their accounts. It replaces the Jagex Account Guardian (JAG), by using an RFC-compliant time-based i-time password (TOTP) compatible with Google Authenticator. This algorithm can be used both on supported mobile devices and in desktop implementations. This organisation works for both Old School RuneScape and RuneScape 3, unlike the JAG did previously.

Besides having an extra 20 banking concern spaces available when active, players are required to set up the Authenticator in guild to be able to receive a pair of fancy or fighting boots in the Stronghold of Security. In addition, having it ready is required for Solztun to imbue the player'southward skull sceptre. Should players disable the Authenticator, the skull sceptre volition revert dorsum to its regular state.

Setting upward [edit | edit source]

To set upwards the RuneScape Authenticator, a player must visit the Authenticator landing folio. Jagex generates a random 80-bit surreptitious key unique to each user and presents it as a 2-dimensional barcode and every bit a 16-character Base32 cord. Many mobile devices can read the barcode directly through their camera, which is equivalent to entering the Base32 string manually. The implementation generates a 6-digit code every 30 seconds based on the key and epoch time.

In one case set, players are prompted to enter the 6-digit time-based lawmaking whenever they log in to the game using an untrusted figurer. Jagex implements a 10-minute window (five minutes on either side of the actual time) to enter the correct code to permit for a possible lack of synchronisation between Jagex'south server time and player devices.

Players can choose to trust the computers on which they play RuneScape for upwardly to 30 days or choose to enter a code every time they wish to play.

Players tin can also choose to use the Authenticator for their banking company Pin instead of the fixed 4-digit PIN. However, the iv-digit PIN is not obsolete. Logging into the bank or the Grand Exchange from the RuneScape Companion app still requires the four-digit Pin. Players who choose to finish using the authenticator as the banking company PIN revert back to the final 4-digit Pivot used.

To disable the authenticator, click on the "disable authenticator" link. Jagex sends an e-mail containing a link to disable the authenticator to the e-mail address registered for that account. It is highly encouraged that the e-mail associated with the account require two-footstep hallmark so that the RuneScape authenticator can not be easily removed. That is, it is suggested that the e-mail be tied to a mobile device either by texting or a call earlier a new computer can gain access to said email.

Setting upwardly on a new device [edit | edit source]

Players who take purchased new devices will accept to re-download the app on their devices, disable the Authenticator via the RuneScape mainpage, and re-enable it. Afterward Jagex has sent the email containing a link to disable information technology, players will have to follow the aforementioned steps to set up the Authenticator on their new devices.

Alternative to using mobile telephone for authenticator codes [edit | edit source]

Players who cannot scan the setup QR code, or simply want an alternative may use Authy.

Authy is an app trusted by Jagex, that has the same basic functionality as other applications like Google Authenticator, allowing for an actress layer of business relationship security.

Y'all can read near Authy on the support section of the official RuneScape site.

The primary advantage of using Authy is that you can hands log back into the app, go along receiving codes, retain the extra security, and not worry about if you get a new phone or mobile number, which doesn't risk issues logging back into RuneScape or require the need for Business relationship support, similar it could when using Google Authenticator.

Trivia [edit | edit source]

On release, although the authenticator was stated to trust the reckoner for 30 days if selected, information technology only did and then for 14 days. It now trusts the computer for the stated xxx days.
The authenticator cannot be enabled without having a grapheme name gear up.