All Discussions > Steam Forums > Help and Tips > Topic Details
This topic has been locked
Overwatch Jan 2, 2015 @ 10:03am
Yet another 30 day lockout ruins a steam sale badge for my wife... Thanks Steam
My wife and I both have steam accounts. Mine gets used every day, but my wife only uses hers when we have time to play the occasional multiplayer game. Unfortunately, this also means that she end up having to reset her password a few times a year since she does not play that often.

Now, this would not be a problem, except for the fast that steam locks your account down for 30 days after resetting your password. I understand that this is done to prevent account hacks from trading your entire inventory away. What I do NOT understand, is why there is no method to verify ones account, OR why the probationary status of an account should stop you from opening a trade with someone and ONLY accepting items.

Every sale goes something like this...

Sale starts: Password reset. Vite on sales. Get cards.

During sale: Keep voting. Buy some things. Get more cards.

Last day of sale: Check inventory. Have 7 of card 3. Missing card 1. Have $5 sitting in steam wallet from 2 years ago. Can't give wife the 1 card she needs. Can't BUY her the card she needs. Can't open a trade. Account lockout will expire in a few weeks.

Sale ends: Cards go 'poof'. No badge for my wife. Wife is now pissed at steam. No multiplayer games for me with the wife for a month or two because "Steam is Stupid"...

So in closing; Thanks Steam. Your overly simplistic, poorly implemented approach to account "security" that allows for no exceptions has ruined the 5th Steam sale in a row for my wife, and by association, me.
< >
Showing 1-15 of 15 comments
spoof Jan 2, 2015 @ 10:40am 
not logging in two months triggers the 30 day cooldown.
resetting password is 7 days or 5 , brain freeze.

it is not for account security it is for the security of the rest of us these restrictions are in place.
Last edited by spoof; Jan 2, 2015 @ 10:43am
#1
Overwatch Jan 2, 2015 @ 11:41am 
Trade/market lockout is 30 days. I know this, because I'm currently looking at a popup stating it.

My issue is not with the lockout. I agree that it is a useful security feature to help protect people from having their account accessed, and their inventory dumped/sold off.

However; Steam took an overly simplistic approach to its protection scheme, which hurts legitimate users.

There are multiple ways that Steam could have implemented another layer of Identity confirmation which would allow people to finish an account lockout. Examples...

1. Making a $1 charge/refund on an already authorized saved payment method, with the user being REQUIRED to provide the payment details again.

2. Verifying that the Steam application is running on a machine that is already authorized using their already stored hashes.

3. Sending a text message with a PIN to an associated phone number.

Instead, the lockout is mandatory. 30 days. No questions asked or answered.
#2
spoof Jan 2, 2015 @ 11:43am 
trade and market is locked out 30 days yes.

you still do not understand the restrictions you complain about have noting to do with your account security.

so I do not need to read the rest of your post yet.

it is like going to a club and not being allowed acces because you have sneakers.
it is a dress code to trade and do the market.
follow the dress code.
Last edited by spoof; Jan 2, 2015 @ 11:48am
#3
Overwatch Jan 2, 2015 @ 4:29pm 
Originally posted by spoof:
...you still do not understand the restrictions you complain about have noting to do with your account security...

Incorrect.

Those restrictions exist for the SOLE purpose of protecting account holders Inventory/Wallet funds. The 30 day period allows a person with a compromised account to regain control over it before their inventory or wallet gets raided.

Also. Your example is flawed. Pointing out an arbitrary rule created for social reasons does not prove your point.

An example with meaningful similarities would be:

Going to a secure office building that does not allow any outside electronics.
Not being allowed inside because you have an insulin pump.
Not having any way to get an exemption.
Not being able to do business with said office building.

The 30 day lockout is NOT the problem. It is totally fine.

The issue is that there is no process to remove it.

I've spent more than a decade writing, adjusting, and implementing security policies for the corporate and military world. You are not going to convince me that Steam is in the right, because this is literally the type of example I use to show clients why 'no exception" policies do not work in the real world.
#4
TirithRR Jan 2, 2015 @ 4:31pm 
5 sales in a row. You'd think after the first time you'd just write the password down. :)
#5
Seretti Jan 2, 2015 @ 4:34pm 
Tell your wife to write down her password and keep it in a safe place.
#6
Hanomaly Jan 2, 2015 @ 4:39pm 
Originally posted by TirithRR:
5 sales in a row. You'd think after the first time you'd just write the password down. :)


Originally posted by Seretti:
Tell your wife to write down her password and keep it in a safe place.

Agree.
i have heaps of my passwords written down in RL in a little journal thing. i live alone, so short of someone robbing me and stealing my diary on some psychic knowing that my computer passwords are siting in there...i feel they are fairly safe.

If you and your wife trust each other there's no harm in her writing her Steam password on a sticky note and then sticking it to the underside of her desk or something.. Or in your nightstand or something. :butterfly:
#7
Gana Jan 2, 2015 @ 4:45pm 
You are mad at Steam for being simplistic but Steam covers the entire world with 30 or 100 payment methods, and 65 million steam accounts and 7 million active users....They have to be simplistic.
#8
The Giving One Jan 2, 2015 @ 4:51pm 
Originally posted by ganmelajo:
You are mad at Steam for being simplistic but Steam covers the entire world with 30 or 100 payment methods, and 65 million steam accounts and 7 million active users....They have to be simplistic.

Yep...this...and if I remember correctly, all with only about 500 employees.
#9
Satoru Jan 2, 2015 @ 6:05pm 
https://support.steampowered.com/kb_article.php?ref=1047-EDFM-2932&l=english

Recent Password Reset

If you reset your password, you will be restricted from trading and the Community Market for 7 days. If your account has not had any activity for more than 2 months, these restrictions will apply for 30 days. We do this to help protect users who lose access to their email account. Note that this does not affect password changes, only password resets..

Your 'wifes' account was inactive for over 2 months that's why

Root cause, you forgot your password. Not steam's problem. Yours.
Last edited by Satoru; Jan 2, 2015 @ 6:06pm
#10
Overwatch Jan 2, 2015 @ 6:52pm 
This is a policy issue, not a "general user" opinion.

If you haven't been payed for your opinion as a security professional in the last 18 months, then it really does not matter if you think I'm wrong.

Bad policy is bad policy. End of story.

Though, none of this matters, since Steam only has like, one customer service person. The rest of their employes are all busy shoveling up all the cash that dump trucks keep dumping into their parking lot.
#11
Hanomaly Jan 2, 2015 @ 6:56pm 
Originally posted by Overwatch:
This is a policy issue, not a "general user" opinion.

If you haven't been payed for your opinion as a security professional in the last 18 months, then it really does not matter if you think I'm wrong.

Bad policy is bad policy. End of story.

Though, none of this matters, since Steam only has like, one customer service person. The rest of their employes are all busy shoveling up all the cash that dump trucks keep dumping into their parking lot.
So... basically you and your wife aren't going to take any responsibility for her not being able to remember her own password?

Why not make her password yours... then if she can't keep it memorised, you can type it in for her since it'll be the same.
#12
The Giving One Jan 2, 2015 @ 6:58pm 
Originally posted by Overwatch:

Though, none of this matters, since Steam only has like, one customer service person. The rest of their employes are all busy shoveling up all the cash that dump trucks keep dumping into their parking lot.

Or, they are human beings also and allowed to spend time with family and others during major holidays too....imagine that.

EDIT...This user was not paid for his or her opinion.

EDIT 2...I love how he seems to be dodging around the "forgotten password" issue....hmmmm...
Last edited by The Giving One; Jan 2, 2015 @ 7:01pm
#13
LUMP OFF Jan 2, 2015 @ 6:58pm 
Yeah the Market not being active for 30 days after a purchase sucks!
#14
Matt Jan 2, 2015 @ 7:08pm 
Remember that Steam cannot detect intentions. The 30 day wait when resetting a password is simply a business rule to offer some protection to the inventory of to those who needed it. Steam doesn't know if you, your next door neighbor, or someone around the world is requesting resetting the password. So don't take it personally because it isn't meant to be that way. Yes, it would be nice to have 2 factor authentication via a cell phone or phone app. I would set a reminder to login to her account once a month and make note of the password so that it's not forgotten.
#15
< >
Showing 1-15 of 15 comments
Per page: 1530 50

All Discussions > Steam Forums > Help and Tips > Topic Details
Date Posted: Jan 2, 2015 @ 10:03am
Posts: 15
Start a New Discussion

Discussions Rules and Guidelines