- Automatic login on 3rd party servicess. Just like Facebook, or etc...

- Services may use bot to handle all gifts, and such, just like how Sega did the make war, not love event.

The issue wouldn't go away at all regardless even if Steam remove the "sign in through Steam" as people will still try to login no matter what.

We already have the auto login setting... https://imgur.com/a/aRB82Cq

Originally posted by Dr.Shadowds 🐉:

- Automatic login on 3rd party servicess. Just like Facebook, or etc...

???

Originally posted by Dr.Shadowds 🐉:

The issue wouldn't go away at all regardless even if Steam remove the "sign in through Steam" as people will still try to login no matter what.

It's still easier to explain in big letters "log in through Steam is never legit" than to explain "log in through Steam is only legit if you are already signed in on your browser or Steam client and then you see a single click-through page rather than a page with user/pass entry fields".

Well it's suppose to be the one click, not the user/pass, if it asking for it, and you're already login, then it's a scam, as it shouldn't be displaying that to you, but if your not login already, then go to Steam main page, login, then revisit the page for the "sign in through Steam"

The whole "log in via Steam" API is always legit, the part that isn't are fake Steam sites.
So, i get your idea, but it won't solve the actual phishing problem, which not just Steam has a problem with.

Originally posted by kamk /idle:

The whole "log in via Steam" API is always legit, the part that isn't are fake Steam sites.
So, i get your idea, but it won't solve the actual phishing problem, which not just Steam has a problem with.

It'd make it just a little easier to tell people how to avoid getting phished.

And it's a feature that...I'm not sure is being used for anything useful right now. Is it? Someone please explain it to me if it is.

If you visit sites that say login with *whatever* that's basically it, as it use identification as a login, for Steam it would be our Steam unique ID that can't be changed, or removed.

Visit Square Enix, if you have link your Steam account with them, then go to login, and choose Steam login, you see how it works.

Originally posted by Quint the Crazy Dog Lady:

And it's a feature that...I'm not sure is being used for anything useful right now. Is it? Someone please explain it to me if it is.

It lets developers of account-based games, who bring those games to Steam, allow their users to link their Steam versions with their non-Steam accounts. Path of Exile does this, for instance. I'm in no position to say how broadly and deeply useful that kind of thing is to people; may not the end of the world if it was gone, but it's something at least.

Originally posted by Dr.Shadowds 🐉:

If you visit sites that say login with *whatever* that's basically it, as it use identification as a login, for Steam it would be our Steam unique ID that can't be changed, or removed.

Visit Square Enix, if you have link your Steam account with them, then go to login, and choose Steam login, you see how it works.

Originally posted by Gus the Crocodile:

Originally posted by Quint the Crazy Dog Lady:

And it's a feature that...I'm not sure is being used for anything useful right now. Is it? Someone please explain it to me if it is.

It lets developers of account-based games, who bring those games to Steam, allow their users to link their Steam versions with their non-Steam accounts. Path of Exile does this, for instance. I'm in no position to say how broadly and deeply useful that kind of thing is to people; may not the end of the world if it was gone, but it's something at least.

Ah. Hmm...

Why would you want to do away with a convenience? Sites use the Steam API to do many different things; and without it, you wouldn't be able to log onto many games which require the steam api to manage your account such as path of exile or elder scrolls online, or final fantasy XIV

There are even stores that use "login through Steam" now. Which is great -- I see the Steam icon on the login page, and I know I don't have to look up my password (yeah, I could be on a browser that already knows the login).

This is a great way to do logins for gaming-related websites, if we can agree that Steam does a better job at not loosing their account database all the time.

Originally posted by Liezerota:

Why would you want to do away with a convenience? Sites use the Steam API to do many different things; and without it, you wouldn't be able to log onto many games which require the steam api to manage your account such as path of exile or elder scrolls online, or final fantasy XIV

I don't play any of these games so I wasn't aware that the API was currently in use for such purposes. As far as I had known, it was just used to tell sites like backpack.tf to look at my inventory and provide a shortcut for generating trade offers to trade things with other people.

Originally posted by Kargor:

There are even stores that use "login through Steam" now. Which is great -- I see the Steam icon on the login page, and I know I don't have to look up my password (yeah, I could be on a browser that already knows the login).

This is a great way to do logins for gaming-related websites, if we can agree that Steam does a better job at not loosing their account database all the time.

On this I'd disagree; I'd much rather have a more distributed set of authentication methods, so that if one were to fail, the others would still be unaffected.

Originally posted by kamk /idle:

The whole "log in via Steam" API is always legit, the part that isn't are fake Steam sites.
So, i get your idea, but it won't solve the actual phishing problem, which not just Steam has a problem with.

Phisers would simply go back to faking the Steam login Screen, which was what they were doing before (and some still do)

It doesn't solve the problem, it just moves the goalposts to where they were before.

Gog connect, aka get some of your steam games (drm free) on their service uses this api too and can't rely on the public info to prove ownership. As someone else said for a different use, it wouldn't be the end of the world if it's gone, but it all starts to add up.