引用自 Muppet among Puppets：

If infection of your computer is still enough to get by that 2 way protection, and especially getting by trade holds instantly, why do we actually have it?

引用自 Muppet among Puppets：

Its strange how you say the same things as before steam auth was introduced.

If infection of your computer is still enough to get by that 2 way protection, and especially getting by trade holds instantly, why do we actually have it?

Simply giving 15 day trade hold for phone number change would solve this.

引用自 Hell is Earth：

引用自 Muppet among Puppets：

If infection of your computer is still enough to get by that 2 way protection, and especially getting by trade holds instantly, why do we actually have it?

引用自 BossGalaga：

引用自 Muppet among Puppets：

Its strange how you say the same things as before steam auth was introduced.

If infection of your computer is still enough to get by that 2 way protection, and especially getting by trade holds instantly, why do we actually have it?

Simply giving 15 day trade hold for phone number change would solve this.

Because smart people don't accept friend requests from random people, click on random links from random people and actually have updated/active antivirus that can stop such software from running or at the very least prompt them before they install it.

I've never had my account hacked in 13+ years yet I have to endure all of these restrictions. Steam already has two 2-factor authentication systems, three if you use 2FA on your email.

A user has to bypass and ignore a ridiculous amount of warnings to be scammed or hijacked.

It wouldn't matter if Steam added retinal identification. People would still fall for phishing scams and trojan/rat viruses.

And it's usually due to greed. Someone offers them some fabulous too-goodto-be-true trade and tells them to just click here or promises them something in return and they ignore the red flags and fall for it anyway.

引用自 Prick：

Spawn Of Totoro, I have MalwareBytes, and it's highly efficient at scanning my entire HDD.
I mentioned somewhere ago, that it was strange to me that it said nothing about this progam. I don't scan everything I download from the internet, but I always scan .exe's. And to my honest belief, I genuinely thought it was teamspeak software. It was a seemingly clean file.
And I also mentioned that I moderate a dodgeball server, so I get random adds very frequently.
I was under the impression this user, (scammer,) just wanted someone to play competetive with.
And yes, I know already, had it been a snake I would be bitten.
But I also think that Muppet has a valid point, that a device change doesn't trigger a penalty, however switching a computer does.

引用自 PsydeFX：

引用自 Teksura：

That's literally all you have been doing in your past 3 posts, but if you're going to stop and go back to repeating something I've already said in this thread, that's fine. thank you for putting an end to it. It was getting silly.

No, you just need to realize that there is a difference between perception of the words. there are 3 main types of semantics that only the OP can clear up. You're cherry picking my posts to completely ignore and distract from the point (that I've repeated in all 3 of my prior posts).

SMA is intented to protect your inventory by removing it to the device's control and away from the PC side to be completed. If you can give your entire account away through the PC, and then the hijacker can then take control of what device the SMA is on through the pc without the 15 day cool down, then what exactly is SMA protecting from? It's clearly not the moving of items as the MOST CRUCIAL part of the security can be changed and used instantly.

Without the 15 day cool down, it's just as innefective at keeping items secure as it was BEFORE SMA. THAT is the point. Argue what else you want.

引用自 PsydeFX：

引用自 Teksura：

Actually according to the OP, they realized they had just downloaded a malicious program when it suddenly hijacked their system and appeared to kick them off their Steam account. At which point they started trying to regain access... From the infected computer... By providing it the infected computer with critical security information. I'll say it again, the critical security information was entered on the infected computer, which was known to be infected. Instead of doing a much more senable thing like cleaning the computer off first, or trying to access from a clean system.

So "trying to get in your car" isn't a good analogy. A better analogy is like "Trying to get into your car by handing the keys to a bunch of thugs who you see are trying to break into your car, and asking them nicely to please unlock the door for you."

No, OP was suddenly disconnected from steam, and he then tried to get into the account. It wasn't until two failed attempts and him checking his email that he realized.

引用自 Muppet among Puppets：

Lets stay on topic.

Does it make sense for anyone that a thief can trade instantly, even though you have steam auth enabled?

引用自 Teksura：

No amount of security can protect people from themselves

引用自 Muppet among Puppets：

引用自 Teksura：

I've said before that it should be putting a hold whenever a new device is enabled. However, we should also be aware that there is only so much that security can do. In the end it falls to the user to be responsible. No amount of security can protect people from themselves, and we do have to be aware that there will always be people who manage to give access to bad people.

Thats actually not that much of a justification for keeping a weak spot (in terms of handling of trade holds) which gets misused.

引用自 Prick：

And to hell with you Valve, you don't have control over the hackers.