Encrypt your computer,
use a pin lock for phone,
use an applocker on phone,
dont have steam on the desktop of phone.

It is possible that you can secure your things. You do it, because no one might be able to help you.

Computer is locked using a password, long and complex, so it really wouldn't matter. Plenty of time to use my phone or tablet to Change Password and Deauthorise all devices.

If you can't be bothered to secure and lock your devices thats on you. This a one of the reasons multiple 2FA apps ask you to enter your unlock code/biometric before they'll show you the code.

But one thing is right,
there are things that are unsafe.

I find it hillarious when companies try to explain that we dont need passwords anymore because it can be done safely instead by having a phone as a key.
That is aboslute nonsense.

At this point your Steam account would be the least of your worries. Or you have WEIRD priorities.

Muppet among Puppets の投稿を引用：

But one thing is right,
there are things that are unsafe.

I find it hillarious when companies try to explain that we dont need passwords anymore because it can be done safely instead by having a phone as a key.
That is aboslute nonsense.

You’d be shocked the number of people pushing FIDO who insist “this is the way”

Satoru の投稿を引用：

Muppet among Puppets の投稿を引用：

But one thing is right,
there are things that are unsafe.

I find it hillarious when companies try to explain that we dont need passwords anymore because it can be done safely instead by having a phone as a key.
That is aboslute nonsense.

You’d be shocked the number of people pushing FIDO who insist “this is the way”

Personally. I want a physical key with biometrics that stores my password. Just safe enough while staying practical and easy to use.

what if... no one cares?

You really didn't need to create two discussions.

It's been 6 years since your account(s) are banned and now you see it? Don't cry after all these years.

Also yes, it's only the user's responsibility to take care of their account. If you give your credentials to a scam site, what did you expect?

Also your example of "breaking into house" is wrong, let me correct for you: I willingly gave my house keys to someone random guy in the street.

Thermal Lance の投稿を引用：

Satoru の投稿を引用：

You’d be shocked the number of people pushing FIDO who insist “this is the way”

Personally. I want a physical key with biometrics that stores my password. Just safe enough while staying practical and easy to use.

Everyone wanting 'physical' tokens seems to have never lived through the old days of RSA 2FA physical tokens. Because these systems were expensive af. Because literally every person would lose their token at some point and demand we overnight them a new one. Some people would lose them literally every month. And this is a Fortune 500 company with a large sales force of a few thousand, nad we were buying tokens and giving them out like they were Kinder suprises at Easter.

If Steam did this, just by its sheer population, the number of 'lost' tokens would be astronomical. Which would result in astronomical number of calls about how their account is now permanently absolutely screwed because they lost their physical token.

This isn't a problem with you specifically. You probably would be fine. But at scale, this would be an utter disaster for Steam with so many people being locked out of their accounts because they lost one or both of their tokens, which, again, I saw sales people do constantly with literally 10,000th of Steam's population

Satoru の投稿を引用：

Muppet among Puppets の投稿を引用：

But one thing is right,
there are things that are unsafe.

I find it hillarious when companies try to explain that we dont need passwords anymore because it can be done safely instead by having a phone as a key.
That is aboslute nonsense.

You’d be shocked the number of people pushing FIDO who insist “this is the way”

The things that really shock me in regards to security are rather
the ways how to circumvent the security things.

Real world example:
Sometimes ordering a pizza
and
leaking your account details for a major entry point
can be effectively the same thing.

Too often security is only looked at from one point. And if security then is also just one point, doesnt sound good.

AliSalahat 👌 の投稿を引用：

What if someone broke to ur house and stole everything including ur pc ?
and after stealing it u were still logged in and he took ur items cause he had you phone for steam guard. i bet steam will reply like this .. why dont u have a pin lock on ur phone ? hah ? then its ur fault

Yeah why don't you use pin/biometric lock on your phone? You're worry someone will bust into your home, why don't you put password on your PC as well?

AliSalahat 👌 の投稿を引用：

what if someone pointed a gun on my head and said give me ur steam account and u gave him and he stole everything and set u free when u contact steam support, theyll answer thee following, why didnt you fight back ?> its ur fault no account

Why not do what mugger tell you so can live, and then report to the police? What stopping you from doing that? I doubt any mugger gonna know what you have, let alone knows if you use steam mobile app, or not, not everyone uses it, and not just that, but also fact if can't fight back agasint the attacker, might as well try to live, as I fail to see you need to value skins over your own life, then again there always those people that value digital things over their own real life, and fail to realize real life isn't a video game, just food for thoughts, maybe a tip so know what to value more in this case.

AliSalahat 👌 の投稿を引用：

what if anonymous hacked me ? hacked the ♥♥♥♥ out of of my pc and phone, is it my fault too ?

Actually often related to end user going out of their way to download things from scammer to getting hacked on their PC/phone, in that case yes it would be actually your fault from start to finish in that case.

AliSalahat 👌 の投稿を引用：

all of the above are fictional example of how steam deal with players ..

I mean Steam can't confirm you're telling the truth, or lying that outside Steam system, so they wouldn't know if someone bust into your house, mug you, or you got your device compromise. The same thing can be said for google, facebook, twitter, Riot games, etc, etc, and etc... Since they all apply same how attacker will get your account, money, and items.

AliSalahat 👌 の投稿を引用：

if u had a choice ... to save ur mom or ur steam account what would u choose ? mom ? then u have violated the tems of use the includes your account safety is ur top priority ..

So someone making you go use cheats in vac protect games, doing chargeback, or promoting scams? That what you're saying? Maybe wanna rethink this for awhile as that doesn't make much sense to your story, and wouldn't make any sense why would anyone do anything to your mom over something they could've just done themselves without the police chasing on news tv just saying, maybe little more common sense would help if think thing more abit.

AliSalahat 👌 の投稿を引用：

i u started playing on steam on age 12 and got banned bcs ur a stupid kid after 18 years steam will still till you you are a stupid kid

Steam haven't ban anyone because of age, but even if that happen they have it back at age 13 so really wouldn't matter either way.

AliSalahat 👌 の投稿を引用：

and about all the people responding spreading morality, justice and intellegce when u dont no the answer of a very very specific question regarding a ban or anything please fight the urge to comment and spare us the ♥♥♥♥ that come out from ur mouth

You do realize this is a open forum discussion forum right? Not a private, or closed group discussion, just hope you know that, as often ones opens up a bad discussions post often seem silly due to not understanding how anything works until somoene explain it to them, but it alright as community helps them learn so they don't repeat same thing twice, and becomes smarter in life, and not go down the path of misinformation & looking silly.

Muppet among Puppets の投稿を引用：

Satoru の投稿を引用：

You’d be shocked the number of people pushing FIDO who insist “this is the way”

The things that really shock me in regards to security are rather
the ways how to circumvent the security things.

Real world example:
Sometimes ordering a pizza
and
leaking your account details for a major entry point
can be effectively the same thing.

Too often security is only looked at from one point. And if security then is also just one point, doesnt sound good.

When we implemented a RFID login system, we were asked "why do I have to type in my password still". It somehow didn't occur to anyone, that people lose their badges and then anyone picking it up would be able to log in, as them, with no additional authentication. We still had to compromise with various timings as to 'how often' you'd have to type in your password during a work day. I mean there are practical reasons why we had to do this. During teh pandemic PPEs were in extremely short supply and thus even having people take off thier gloves to type in passwords was a problem as it drained the supply of PPEs.

AliSalahat 👌 の投稿を引用：

What if someone broke to ur house and stole everything including ur pc ?
and after stealing it u were still logged in and he took ur items cause he had you phone for steam guard. i bet steam will reply like this .. why dont u have a pin lock on ur phone ? hah ? then its ur fault

what if someone pointed a gun on my head and said give me ur steam account and u gave him and he stole everything and set u free when u contact steam support, theyll answer thee following, why didnt you fight back ?> its ur fault no account

what if anonymous hacked me ? hacked the ♥♥♥♥ out of of my pc and phone, is it my fault too ?


all of the above are fictional example of how steam deal with players ..

if u had a choice ... to save ur mom or ur steam account what would u choose ? mom ? then u have violated the tems of use the includes your account safety is ur top priority ..

i u started playing on steam on age 12 and got banned bcs ur a stupid kid after 18 years steam will still till you you are a stupid kid


and about all the people responding spreading morality, justice and intellegce when u dont no the answer of a very very specific question regarding a ban or anything please fight the urge to comment and spare us the ♥♥♥♥ that come out from ur mouth

Changing your profile picture will put you at the back of the line.

Satoru の投稿を引用：

Thermal Lance の投稿を引用：

Personally. I want a physical key with biometrics that stores my password. Just safe enough while staying practical and easy to use.

Everyone wanting 'physical' tokens seems to have never lived through the old days of RSA 2FA physical tokens. Because these systems were expensive af. Because literally every person would lose their token at some point and demand we overnight them a new one. Some people would lose them literally every month. And this is a Fortune 500 company with a large sales force of a few thousand, nad we were buying tokens and giving them out like they were Kinder suprises at Easter.

If Steam did this, just by its sheer population, the number of 'lost' tokens would be astronomical. Which would result in astronomical number of calls about how their account is now permanently absolutely screwed because they lost their physical token.

This isn't a problem with you specifically. You probably would be fine. But at scale, this would be an utter disaster for Steam with so many people being locked out of their accounts because they lost one or both of their tokens, which, again, I saw sales people do constantly with literally 10,000th of Steam's population

I guess. But, I was speaking in general and not just for steam. XD

I really like this idea. Done well it cannot be hacked and unless it is stolen from you, youre safe. And even if they steam it. They still gotta get past the other security features. (biometrics, master password etc....) Which buys you enough time to declare it lost.

I just like the concept but YEAH. Definately not for people forgetting stuff all the time. XD

Thermal Lance の投稿を引用：

I guess. But, I was speaking in general and not just for steam. XD

I really like this idea. Done well it cannot be hacked and unless it is stolen from you, youre safe. And even if they steam it. They still gotta get past the other security features. (biometrics, master password etc....) Which buys you enough time to declare it lost.

I just like the concept but YEAH. Definately not for people forgetting stuff all the time. XD

Systems like FIDO have a lot of advantages

The main disadvantage is that they are a literal nightmare to maintain and support. Sure if you're a fortune 100 company and can basically have like a dozen people who's literally only job is to manage FIDO tokens and basically be best buddies with the UPS/FedEx/USPS/DHL/etc drivers because you are sending out tokens at an astronomical scale, then sure.