riotus Dec 30, 2019 @ 12:36am
Someone keeps trying to log onto my steam account
After installing Steamguard, I keep getting the mobile authenticator showing me login pins which I did not request. I changed my password a few times but this persists. I checked my only workstation for Trojans but nothing came up.

Please help.
< >
Showing 1-12 of 12 comments
Zekiran Dec 30, 2019 @ 1:58am 
Do these things, just in case.

Scan for malware. https://www.malwarebytes.com/

Deauthorize all devices https://store.steampowered.com/twofactor/manage

Change your password on a secure device.

Generate new back up codes. https://store.steampowered.com/twofactor/manage

Revoke the api key https://steamcommunity.com/dev/apikey
** If there is nothing in the API key area, that’s fine. If there IS something, remove it. Nothing should be there.**

riotus Jan 7, 2020 @ 4:38am 
I have all the tools to keep malware away from my comp.
There is no malware. No API.

I have tried everything and it keeps happening.

The first thing I did of course is to remove all payment methods.

Now I have some games i really like that are on offer but I cannot buy them without risking my credit card information.
VaLiuM Jan 7, 2020 @ 4:57am 
That's true, mobile authenticator is constantly cycling thru new pins (every 15 seconds) and not only once you request a new login, it's like that by design.

If you would get these pins thru email, that would be a different thing, then someone probably had access to email and password.
reg1s7 Jan 7, 2020 @ 5:00am 
What do you mean? Is it from "steam guard" menu, or from "confirmation" menu?
riotus Jan 7, 2020 @ 7:07am 
No it is not cycling new pins.

Here what happens daily. At odd hours of the day , when the app isn't even loaded at all, my only device with steam installed wasn't even turned on....
A notification suddenly appears and tells me to use this pin.
Then it stops. Until the next day that is. It seems like this person is making one attempt per 12 to 24 hours or something.
riotus Jan 7, 2020 @ 7:11am 
Deauthorization prompts me to remove the authentication. Would this not allow the hacker to log into my account once the authentication is removed?
Kargor Jan 7, 2020 @ 7:31am 
Originally posted by cliffordeg:
Deauthorization prompts me to remove the authentication. Would this not allow the hacker to log into my account once the authentication is removed?

"Deauthorize all other devices" means all authorizations other than the one you're currently using are removed. Any login on such devices will then prompt another code request.

This also means it's useless for your situation, as you ARE getting codes, so these logins are obviously NOT happening on authorized devices.

This is mostly for situations where you loose control over an authorized device. Unfortunately, you can't revoke specific authorizations, but it's also a certain safety net -- if you loose your laptop, you'd have to remember to remove authorizations for the Steam client, the Firefox browser, the Chrome browser... and you might forget your ASF bot.
Last edited by Kargor; Jan 7, 2020 @ 7:33am
Thank you!
riotus Jan 9, 2020 @ 1:50am 
Still an unresolved problem.
riotus Jan 9, 2020 @ 1:57am 
I have done everything, and changed my password a few months ago. I just changed it again hopefully it will work. If not I will not use steam again. Looks like steam compromised my account info.
Satoru Jan 9, 2020 @ 6:05am 
Probably what’s happening is

1) someone has a username similar to yours
2) they type in your username
3) they can’t log in
4) they initiate a password reset
5) you get the code request
riotus Jan 12, 2020 @ 8:58pm 
No one else has access to any of my devices.
None of my other stuff has ever seen any security breach before.
I use the same device for all my banking transactions. No breach.
Zero issues. Only steam has this issue.

I am leaning towards Satoru's idea.

Thank you Satoru.
< >
Showing 1-12 of 12 comments
Per page: 1530 50

Date Posted: Dec 30, 2019 @ 12:36am
Posts: 12