安装 Steam
登录
|
语言
繁體中文(繁体中文)
日本語(日语)
한국어(韩语)
ไทย(泰语)
български(保加利亚语)
Čeština(捷克语)
Dansk(丹麦语)
Deutsch(德语)
English(英语)
Español-España(西班牙语 - 西班牙)
Español - Latinoamérica(西班牙语 - 拉丁美洲)
Ελληνικά(希腊语)
Français(法语)
Italiano(意大利语)
Bahasa Indonesia(印度尼西亚语)
Magyar(匈牙利语)
Nederlands(荷兰语)
Norsk(挪威语)
Polski(波兰语)
Português(葡萄牙语 - 葡萄牙)
Português-Brasil(葡萄牙语 - 巴西)
Română(罗马尼亚语)
Русский(俄语)
Suomi(芬兰语)
Svenska(瑞典语)
Türkçe(土耳其语)
Tiếng Việt(越南语)
Українська(乌克兰语)
报告翻译问题
Make sure you triple check stuff before posting
But SMS based 2FA is the worst, SMS has 0 encryption whatsoever, providers like Twilio get hacked constantly, SIM swaps are common, phone numbers are valuable for phishing, scammers and other undesirables literally have access to many phone providers backed, its just plain inconvenient when I can have TOTP on PC, etc it never even should've been a thing its so terrible and its time that Steam stops forcing it, thats the main problem, if for whatever insane reason someone chooses to use it, their problem okay, but don't force me to use it because you don't care to support better options.
https://x.com/MellowOnline1/status/1922458687316074640
I did read it. It seems to suggest that the this breach was not on users' side but more on the Valve side. This is one explanation for the all the posts talking about how their guard was defeated when they don't trade etc. But my point was, device-based 2FA isn't a silver bullet because that ♥♥♥♥ can and do just be lifted off the phones where it is.
But way to expose yourself there.
If Valve was using Twilio to send the codes out, and Twilio has a breach, then you think that's more on the user side?
https://9to5mac.com/2024/07/04/authy-hack/
But in any case I don't need an OTP to access Steam. I have installed Steam on iPhone and I have to approve requests from smartphone
Ah, so not on Valv'e side then. I did think it was a bit plebian for Valve, but Twilio is a well-known name in VOIP and business phone systems.
So that's interesting. Twilio is more backend-focused. Makes me wonder if trader bots were the accounts involved.