Install Steam
login
|
language
简体中文 (Simplified Chinese)
繁體中文 (Traditional Chinese)
日本語 (Japanese)
한국어 (Korean)
ไทย (Thai)
Български (Bulgarian)
Čeština (Czech)
Dansk (Danish)
Deutsch (German)
Español - España (Spanish - Spain)
Español - Latinoamérica (Spanish - Latin America)
Ελληνικά (Greek)
Français (French)
Italiano (Italian)
Bahasa Indonesia (Indonesian)
Magyar (Hungarian)
Nederlands (Dutch)
Norsk (Norwegian)
Polski (Polish)
Português (Portuguese - Portugal)
Português - Brasil (Portuguese - Brazil)
Română (Romanian)
Русский (Russian)
Suomi (Finnish)
Svenska (Swedish)
Türkçe (Turkish)
Tiếng Việt (Vietnamese)
Українська (Ukrainian)
Report a translation problem
this is a burner steam account. the email used is only made for this. I also changed my email to a new burner one and my password. But how tf did someone get by two step? what the ♥♥♥♥ is the point of it? seriously
DO NOT TRADE
If you have access to the account
Steps to take NOW to secure the account:
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a clean computer
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
Please review how you are logging into Steam, you somehow gave them your log in information. This could of been due to the computer being compromised and redirecting to a fake login, or you using a 3rd party site to login to steam.
1. Scan for malware https://www.malwarebytes.com/
2. Deauthorize all other devices https://store.steampowered.com/twofactor/manage
3. Change passwords from a trusted/clean computer.
4. Generate new backup codes for your Mobile App https://store.steampowered.com/twofactor/manage
5. Revoke the API key https://steamcommunity.com/dev/apikey (there should be nothing in the APIKEY)
Odds are you were hijacked when you logged into a shady 3rd party application, and they could have been sitting on your account for a long time before they actually did anything.
The point of steam MFA, is that it is security for you, providing you dont give away your account information. Having a deadbolt on the door doesnt do anything for you if you give away the key...
All those sites potentially have phishing login windows.
Following the steps will be your best bet.
Revoking the API and de-authorizing any sessions will remove them from the account, changing your password from a clean computer will secure your account. Generating new backup codes will secure your account after changing password and de-authorizing session. Scanning for malware is good practice incase there is something else.
You should not have an API key. Having one and not being a developer trying to utilize the steam API keys, means someone is on your account.
At least now you know how someone gained access to your account.
You give away your credentials just once to a phishing window that sites like these operate, you will be instantly shadow-hijacked and wont realise until it's too late. This could happen the next day or a year down the line.
Remember they aren't in a rush - they have loads of accounts to get through, yours is just a number on a list.