I think it is high time we sort some things out, and clear the air.
I myself have been part of steam pretty much as soon as the steam platform came out.

You platform has grown, it has expanded, it has matured, and it is under siege now.
Just like any big platform there are descisions to be made.
Things to be changed, hurdles to be tackled.

However in the last year or so your measures have gone from horrible to downright terrifyingly comunitst ban hammer of doom "f everyone who is stupid" or too poor to use our fancy system.

What is this topic about? I will tell you what it is about.
Security. And the over abundant need for it. Aswell as the communities cry and rage expressed in the past few days saying it has gone too far.

The point where you actualy rescrict good citizens of the city of steam. From using your service because the are too poor to use or own a smartphone. Is disgusting uncalled for, unwarranted behaviour.


Lets analyse and look at the problems here folks.

• Accounts are getting hacked Left Right and Centre
  
• Theft is being commited and being profitable
  
• People are angry because they are locked out of market "For their own good".
  
• The scams, scams, hacks are still getting worse.
  
• People are tired of being FORCED to eat massive shovels of "SECURITY"
  
• You and your customers are being hurt and burned financially by these occurences.

I hope thats all we really need to talk about. But for now those are the issues on my mind.
And probably 90% of your community, THAT in its own right makes it your very massive own problem.

Its time you learned that you are not in this alone steam. We are your customers.
We want to be able to go about our business not worrying about these things.
But if you are going to, for the lack of a better word, nuke yourself. to stop bad things happening.

I can not allow to let this go further without the people having a say in what is going on.
DO NOT BE AFRAID TO ASK YOUR OWN PEOPLE FOR HELP.
Its not a sign of weakness. Its a sign of trust.

And you do not trust us at the moment. Hence we are offended.
You basicly came out and told us we are all stupid. And we should all be told how to do things.

For a part this is true, there are a lot of stupid people arround. But that doesn't mean we shoot them all dead for the cleansing of the human race. No, what you do is TOLERATE them. And work arround the issue.


I believe a lot of us deserve the right as a long time paying customer to have the benefit of a doubt. Sure there are some bad apples but thats in any community.

Lets look together for sollutions here. Pro's and Cons.
Lets go all out and talk about this, fix this, disease, this tained cursed cancer in our mids.
And work on it together.


Yes they are, just like any e-mail service, like any video service, and practically any service on the internet. Someone somewhere is getting hacked.

But why? Lets think about this for a minute.

In the last 12 years of steam usage I have never been hacked. And why is that?
Lets see here:
-I never made extremely public posts that will get everyone angry.(Untill now)
-I have never shared my password
-I have never clicked on a link even from a friend untill confirming that they are infact in the know of who I am so that I can know the link is safe. With keywords and certain fact chasing.
If the other person doesn't know who I am or what i'm doing. They are hacked. And that link is poison.
-I have never clicked on false e-mails pretending to be steam.
-I have never accepted friend requests from players I do not know.Or I haven't played with first.
-I have made use, (admittedly against my will) of steam guard. AND ENJOYED its safety.
-My steam inventory has always been set private. (since the option has been there)
-I always sell any items of value the second I recieve them.

What I am trying to get at here, is I am a cautious person. Not everyone is like me.
I am an exception and not the rule but these are things people should be advised doing to prevent being hacked in the first place.

Steam Guard was a correct descision. It made life easier & safer.
So instead people are going after e-mail accounts.

They are LESS secure. SO you thought to yourself. The safer bet, that also banks use in many cases is "Phone Authorisation". To that I say yes. And I say NOOOOOOO.

It is true that your two-factor authorsiation is usefull. Secure. And safe.
It doesn't work for ALL your customers. So you decided to sacrifce the few, for the many.
But ultimately unacceptable. You can not shoot the fat kid in the leg so he will get eaten first.
Thats just not okay.

Although you have a point at making e-mail not the main point of trade controle.
I as a denied user of the phone method can tell you right now. Your verification e-mail sucks.
For the market that is, it doesn't actualy do anything but send me back to the steam page without me logged in causing me to be super suspicious and wanting to back off.


Well you can't base it on already having access to the account. (A hacker would then have complete controle.)
You can't base it on e-mail for its easily hacked if the owner is stupid or not tech savy.
You can't base it on a pc because they are easily "infected" and used to break in.
You can't base it on a smart phone because not everyone is able or willing to own them.
You won't base it on letters, (too many, too much work).
You can't use some sort of weird double password combo.
You shouldn't leave it as it is.

What can you do? I invite everyone else to help out come up with something.
But if I can express my own opinion as a security standard.

Go back to the e-mails OR mobile auth. (Do not force the auth upon us.)
Force changes to the account to be verified by e-mail.
Force changes to the e-mail or security settings to be checked by e-mail.
Use a password login. With a "secret word / sentance" that you do not ask back entirely but instead request a return of 3 or 4 specific characters of the word / sentance, with a dropdown selection. (This prevents any type of software that specifcly registers keys (and thereby e-mails the victims password))
Keep steamguard. Please for the love of god, it annoys us but IT IS HELPFULL AND GOOD.
And OPTIONALLY phone verification via text or Molbile Auth.

This way, you have a quite good security. But I have to adress the part of the peole getting hacked now.

IF YOU ARE HACKED IT IS YOUR OWN FAULT. I know a lot of you will be angry at me for saying this. But it does not make it any less true.
Let me explain though before you crucify me on a desolate mountain.

Most hacking of your accounts occurs by a failure to use steamguard or secure your own e-mail account.

The most common error with e-mail security are the following:
-Small, insecure or possibly "whitty" password.
-Passwords based on ANY personal information be it based on your date of birth, dog name, whatever.
-Secret Question is your enemy, it is basicly a secondary password.

Before I continue let me explain that last one.
80% of all hacked e-mail accounts are hacked by finding the secret answer and then asking the staff of the site (hotmail, gmail, ...) to reset the password and send the new one out to the hacker.
My secret question may be "what is the name of the first school you went to." But I can assure you my answer is a random generated highly encrypted 200 character code.
Even I don't know it, it sits on a seperate air safe drive I guard with a sniper rifle.

Seriously NEVER answer a secret question correctly. (Facebook will make it easy for them)
And treat it like a password you NEVER have to type again.
In needed BASH YOUR KEYBOARD 200 times. And press enter.

Carrying on with my list.
-Social media is your enemy if you use a weak password. Never post anything on facebook or twitter about whatever thing you used as a password. Have a dog and use its name as a password? NEVER MENTION IT ONLINE. NOT ON TWITTER, NOT ON FACEBOOK, NOT ON FORUMS, NOT ANYWHERE.
-Hacked accounts are often altered to add extra security restoration to a new e-mail. Allowing them to easily get in again whenever needed. After being hacked, always check your security settings and clear out whatever they did.

The point is, TAKE CARE OF YOUR E-MAIL AND SECURE IT LIKE ITS A GOLDMINE.
Because your e-mail is your access point to all of the internet to any site that requires a login.
IT IS OF GREAT VALUE TO HACKERS. SO ALWAYS TAKE THE BEST MEASURES.

And my last point on this subject. Something I know alot of you personally never bother.
If you are hacked, PLEASE report it to the local law authority AKA police.
Countries arround the globe are instating internet crime units with their own job, to investigate crimes of hacking and virutal theft.

If you are a victim, tell your police. They will not visibly help off the bat. Tracking, tracing, hunting criminals, gathering evidence TAKES TIME.
But trust me. You will be saving someone else ultimately from the shame that is, a hacked account.


Here we go again.
Theft is the problem here.
How do we stop this from being profitable?

I will give you an idea or two here steam.

How about you do this:
When an item is sold. It can not be traded for 15 days. (So it can be recovered and slow stolen itmes being passed along.)
When an item is sold. It can not be marketed again for 7 days.(Prevent pawing, can be recovered)
When an item is traded it can not be retraded for 7 days.(Prevents passing along quickly)
When an item is recieved initially it becomes untradeable for a day. Unmarketable for 3 or 7 days.(I mean like CS:GO drops, card drops, gifts)
All of these are negated by mobile authenticator. And e-mail verfication is not required.
BUT e-mail notficication is ALWAYS given. So it can be undone.

This way people can still participate. And theft is slowed, if not simply reversable. It gives you more than a month to read the e-mail saying "your stuff is being stolen" And to stop, or even after the 15 days reverse the process.

Also these are assuming you remove the trade holds. Please. ;)
This way, you customers will no longer be angry about the holds, and you can still reverse the thefts.

In the case the stolen items do make their way to innocent people. Consider this. Allow the person to keep the item. But STRIP it from the ability to be marketed or traded and its value.

This will make it a PERSONAL item to that ACCOUNT. And in essence stops your theft issues in its entirety. It there is a claim of theft. This will give you many avenues of FIXING the issue without punnishing all of us.

Again I would like to ask everyone. Please if you feel you can think of other sollutions post, and tell steam all about it in this topic.


You can not, tell people you are refusing to serve them because its for their own good.
Its cliche, overdone and frankly insulting.

If you implement some of the ideas in the last topic. Above this one, people would not be angry. Note this. They are not angry about the added layer of security. (Some are though because exclusion is forcing them to not be allowed to participate.) But mainly the thing people hate, is the fact you are HOLDING their trades basicly FREEZING their accounts to a standstill as they can not sell items anymore.

Aswell as this, ask anyone who dables in markets and high level economy.
Or rather ask yourself.
Is it okay to force someone to wait 15 days, with cripling anxiety that the price may go down by even a cent. Making your product posting in vain because no one will buy your stupid (after 15 days) "too pricy 14 cents item" when the day before "14 cents for the item" was a perfectly good low price.

No it isen't. You are phyicly maiming some people with that behaviour.
You wouldn't tell a stock broker they would have to wait 15 days to buy the cheap stock.
It would have gone up by then. And money will be lost. Law suits set in motion. It is not acceptable.

Seriously. Remove the holds, add time limiters restricting the rapid movement of items.
Its okay, you are trying to slow things down giving you more time to find and stop offers and stolen items. This is okay. But don't force us to wait a month of our lives to sell a stupid 3 cents item of which you only let us keep 1 cent. It isen't even worth the electricity spend on the action. You adding more layers of work, is adding insult to injury.


People clicking links, being stupid and not verifying your friend is really himself. Bad.
People logging into websites with steam api or not to "try lotteries for free steam stuff." Bad.
People entering prize draws on steam or websites claiming to work with steam. Bad

What do we see here? Stupidity. Or should I say naive false sense of security.
PEOPLE. STOP CLICKING ON LINKS WITHOUT CONFIRMING YOUR FRIEND IS DEFINITELY 100% YOUR FRIEND AND IS THERE.

If you recieve a friend request of someone you do not know. DO NOT ACCEPT.
If you recieve a link from a friend, no text, no explanation, or even poor explanation. DO NOT CLICK, seriously. Ask the friend; "What is my real name." or anything of a sort that they can not find our from your steam profile. If they don't answer correctly and prove they are them.
DO NOT CLICK IT AND REPORT THE HACKED ACCOUNT RIGHT THEN AND THERE.

If you go on a website telling you "enter in on a prize draw" "log in to steam via steam api" WALK AWAY, THEY ARE ALL SCAMS. You people should know better by now.

If you go on a website telling you "skins for skins", a website telling you "booster service" or anything litterally not steam. You are most likely being scammed. And then hacked.
NEVER LOG IN AN UNTRUSTWORTHY WEBSITE WITH YOUR STEAM PASSWORD.
NEVER USE THE SAME PASSWORD FOR DIFFERENT SERVICES (like e-mail & steam).

Stop click, start checking. The internet is not real life.
If your friend walks up to you in real life, you can trust them, and their links.
On the internet. You can not see the face behind the text. ALWAYS ASSUME THEY ARE NOT THEM UNTILL THEY STATE THINGS THAT IDENTIFY THEM TO YOU AS "YOUR FRIEND"

Otherwise you will be hacked. By clicking on malicious links.

I could raise the other points on my list. But they are all contained in this post already.
And it is already WAY TOO LONG.

It makes me sad I had to do this, it makes me sad we are being punished for not doing anything wrong.
It makes me sad you people just can't get along.

My fellow steam users. And my good friends of steam support. My lovely admins from the steam community. And my love the man himself, Gabe.

Please. Get along. Converse in this topic. How you feel things should and could be.
Please to the information provided inside. Secure your e-mails. Secure your accounts.
Steam. Fix the holds please.

I bid you all a farwell and hope to play games with you all soon.
I had hoped to avoid drama's like these. But sometimes you have to stand up for your fellow man and say. You are all wrong. Stop shouting. Shut your faces and get along.

We are all in this together.
Lets figure it out as a community.

Steam. I ask of you only that you take our suggestions and considerations seriously.
From your main man.
DT, with love to everyone on steam.
I am out of here before anyone starts shouting at me.