@Rockon we are talking about a platform that manages credit cards here, their security measures should be at the very least, as strict as those used for a bank, I shouldn't have to put up with any risk by a platform that sells me products, my security should be absolutely guaranteed by any platform as a consumer

Publicado originalmente por alevanf:

@Rockon we are talking about a platform that manages credit cards here, their security measures should be at the very least, as strict as those used for a bank, I shouldn't have to put up with any risk by a platform that sells me products, my security should be absolutely guaranteed by any platform as a consumer

Let me quote it again.

Publicado originalmente por alevanf:

I'll give a try to steam guard authentication code, maybe that's secure enough to protect my account

You asked for Valve to add more security and yet you have not even activated SteamGuard, sorry mate, can you see the flaw in that request?

How about you use all the security Valve offer before you ask for more.

Only way another user would know your login credentials is if you leaked them at some point.

Steams security is good, I have not once in my many years had my account compromised or anyone but me to try to login, think about that.

Publicado originalmente por alevanf:

Men you are explaining such basic and redundant things to me, but also you are assuming someone knows already another account's password I own, and I repeat, not a single account on every platform I have passwords has been logged in by anyone yet, except for my steam account, I know how to detect fake pages, I know how keyloggers work, I don't access to any account from any computer that I don't own, my navigation policies are totally secure, all the rest of my other accounts are intact, and I have already said that the first password I got stolen was a generic one, and from all the sites I use it, the only one that has been accessed is this one on steam

So you were phished or have malware/key logger on your system.

They need your log-in and password to access your account, with out any other security active.

To post in the forums, you at least need Steam Guard, so we will assume it is active.
If they got your log-in and password, they would either need you to provide a Steam Guard code or they also have access to your e-mail to get the code.

If you have the Steam Authenticator, then they would need an authenticator code in order to access your account or have physical access to your phone.

Adding a 4 digit pin would not help prevent any of the above, except if you only used the log-in and password, but it also isn't needed because of the two other options.

Passwords on Steam can not be brute forced, so the only way is through a user giving it away or malware/keylogger.

Publicado originalmente por Rockon:

Steams security is good, I have not once in my many years had my account compromised or anyone but me to try to login, think about that.

Same here. 14 years and never lost access to my account. Use Steam Guard when it was added and now use the Steam Authenticator.

Other then that, I watch for suspicious links and practice safe internet habits (such as not reusing the same password on multiple sites). Even then, I try not to be overconfident and watch out for my own actions as those are the most likely to cause an account to be lost.

Publicado originalmente por alevanf:

@Rockon we are talking about a platform that manages credit cards here, their security measures should be at the very least, as strict as those used for a bank, I shouldn't have to put up with any risk by a platform that sells me products, my security should be absolutely guaranteed by any platform as a consumer

Then start by using ALL security features. Cause by your OWN admission, you are not doing that. Rockon quoted your post where you admit that.

Steams security is good and strong. Accounts get hijacked, but no security system works when a user hands out all login information to a phishing site.

USERS who stupidly click links and get phished are the issue. Even banks aren't capable of stopping that, otherwise they wouldn't warn people for phishing mails.

Publicado originalmente por alevanf:

Men you are explaining such basic and redundant things to me, but also you are assuming someone knows already another account's password I own, and I repeat, not a single account on every platform I have passwords has been logged in by anyone yet, except for my steam account, I know how to detect fake pages, I know how keyloggers work, I don't access to any account from any computer that I don't own, my navigation policies are totally secure, all the rest of my other accounts are intact, and I have already said that the first password I got stolen was a generic one, and from all the sites I use it, the only one that has been accessed is this one on steam

We don't know what you know and what you don't know. You are also not the only one reading the thread and other users might find these information helpful.

If stuff is so basic to you, you should also know that it's basically impossible today to "steal" passwords from a service unless they really goof up. From users? Yes. From the service itself? Unlikely.
Steam stores passwords hashed and salted multiple times as it's best practice. So the only way someone got your password is by you leaking it or it being an easy to guess one. Something I'd call "generic".

Also, from experience I can tell that people who insist are experts in computer security and have all figured out are neither. That's usually the bunch that claimed they are secure because they have an up-to-date anitvirus running.

Publicado originalmente por alevanf:

I'm an advanced Informatic user, my own security levels of either creating passwords and navigating the web are advanced as well

Publicado originalmente por alevanf:

I have already said that the first password I got stolen was a generic one, and from all the sites I use it, the only one that has been accessed is this one on steam

You claim to be an advanced user with good security, yet you use the same generic password on multiple sites.

Sorry, but more and more indicates that you are the weak link in the security of your account.

Publicado originalmente por alevanf:

@Rockon we are talking about a platform that manages credit cards here, their security measures should be at the very least, as strict as those used for a bank, I shouldn't have to put up with any risk by a platform that sells me products, my security should be absolutely guaranteed by any platform as a consumer

Even if your account has 100000 security systems
If u give away your password in some shady sites/click stupid link with malware = your account will never be safe,nothing can safe u from your stupidity

Publicado originalmente por alevanf:

I know how to detect fake pages

Just like every other phished user knew.

Publicado originalmente por alevanf:

have already said that the first password I got stolen was a generic one, and from all the sites I use it, the only one that has been accessed is this one on steam

Generic passwords are a security threat in itself.
Do you know of this site?
https://haveibeenpwned.com/

Is there a young person in your home who is smarter than you think? Or a friend of yours, or a friend of the young person in your home? My own very young niece hacked my computer to play games once. Another young child I new hacked their parent's computer, and unfortunately, along with the games, got messed up by one of those people who asked to buy pictures - you all know what I mean.

If you are certain you have not been phished, then perhaps you don't know how sneaky some of your own friends and family can be.