The Password Scam is a scam where the scammer gains knowledge of a victim's password through a simple trick. This scam goes against the Password, account, bank pin, or item scamming rule under Honour. Due to the severe nature of password scamming, Jagex will likely issue either a permanent ban or a permanent mute to players caught using this scam. The scammer tricks victims into telling the scammer their passwords by announcing that players' passwords will be blocked by the chat filter if they are entered into the chat window, or if the password is typed backwards. Victims who fall for the scam will test out the scammer's statement by announcing their password to the scammer and anyone else in the area. If a victim falls for the scam, the victim can avoid being scammed of their account by quickly changing their password on the RuneScape website, although often scammers will already have the password change window open and will quickly change the password before the victim can. The next step victims must take to reclaim the account would be to attempt to reset the password through the account recovery system.
The password scam idea also gave birth to two extremely similar (although much less used) scams - the PIN Scam and the Password Changing Scam.
This scam is rather outdated, as since it was originally introduced by scammers, almost all players are aware of it. Despite this, it is not uncommon to see a scammer trying it out, especially in areas where more low level players are, as the lower level players are more likely to be unaware of the scam. Since this is a well-known scam, scammers using it are almost guaranteed to be reported by a few players, especially in crowded areas. Many scammers get around this by simply creating waste accounts used for scamming so if the account is banned the scammer won't lose anything.
This scam is also outdated because on April 24, 2007, Jagex released an update to the chat filter which blocks out entire sentences that contain a players' exact passwords. Jagex also warned players not to test the new system, as a misspelling or typo might reveal their password. Jagex stated that the reason the entire sentence containing a player's password would be blocked as the context of the sentence might tip off other players as to what the player's password might be. A message would also be displayed in the chatbox warning the player not to state their password. Finally, Jagex reminded players not to reveal their passwords on the forums, where they are not filtered, and that attempting to trick other players into revealing their passwords is a direct breach of Rule 3 (now scamming).