Összes téma > Steam fórumok > Suggestions / Ideas > Téma részletei
Aziss 2016. márc. 7., 15:47
Steam needs Physical Authenticator!
Can you please make a physical keychain authenticator like other game companies have for instance Battlenet and Knights of the Old Republic. I own both of those keychain authenticators and they work great for keeping accounts secure.

I have an old tracphone based net10 cell phone and I can't always afford to put minutes on it so I will not be using the mobile authenticator but I would still like to have my account protected so it can't be hacked by using an authenticator.

If you made those available I would buy it in a heartbeat. I know this may not work for traders since I don't trade but this would be great for those like me.
< >
18/8 megjegyzés mutatása
Gwarsbane 2016. márc. 7., 16:35 
The physical authenticators can be bypassed.

http://www.cinemablend.com/games/Blizzard-Admits-Accounts-With-Authenticators-Have-Been-Hacked-42909.html

https://www.google.ca/search?num=100&q=blizzard+authenticator+cracked&oq=blizzard+authenticator+cracked&gs_l=serp.3..0i22i30j0i22i10i30.12175.19766.0.20323.19.16.3.0.0.0.245.1529.0j10j1.11.0....0...1c.1.64.serp..5.14.1531.xQm3OsTvMyw
#1
HLCinSC 2016. márc. 7., 19:55 
They've said they are considering it but currently have no plans so it's possible.
#2
Satoru 2016. márc. 7., 20:21 
Physical authenticators dont solve the problem that you cannot authorize the CONTENT of a trade via a typical TOTP. TOTP was never designed for that. Thats why you can't use a hard token. Because those don't do what Steam needs with regards to trade verifications
#3
chaoticenigma 2016. márc. 7., 21:17 
That argument doesn't really work because an authenticator made by Valve could easily be done to allow for the confirmations. Also, it's not like people haven't already bypassed Valve's current Mobile Authenticator.

I was also going to mention maybe having one plugged into the PC through USB then confirming a trade on PC while it's plugged in could count, but I guess that's not how it actually works after looking up the Blizzard one.
Legutóbb szerkesztette: chaoticenigma; 2016. márc. 7., 21:19
#4
Max 2016. márc. 7., 22:58 
How about real phone authenticators? Like the old pager days. You need to use a pay phone to call the pager guy and answer the passward in order to listen your messages.:trolol:
#5
Aziss 2016. márc. 10., 11:26 
Gwarsbane eredeti hozzászólása:
The physical authenticators can be bypassed.

http://www.cinemablend.com/games/Blizzard-Admits-Accounts-With-Authenticators-Have-Been-Hacked-42909.html

https://www.google.ca/search?num=100&q=blizzard+authenticator+cracked&oq=blizzard+authenticator+cracked&gs_l=serp.3..0i22i30j0i22i10i30.12175.19766.0.20323.19.16.3.0.0.0.245.1529.0j10j1.11.0....0...1c.1.64.serp..5.14.1531.xQm3OsTvMyw

In the first link the support agent says that nearly all of the accounts that got hacked all had multiple malware and backdoor programs on their pc's and they all used file sharing programs and downloading programs. So it's not really the athenticator's problem it's the users problem by compromising their pc's with questionable software that is known to have viruses and bad stuff along with it.

Before I got an authenticator for my Battlenet account I got my Wow account hacked twice. I have not had any problems since and it's been couple years.
#6
Aziss 2016. márc. 10., 11:28 
CharlestONE eredeti hozzászólása:
They've said they are considering it but currently have no plans so it's possible.

That's cool I hope they do make one.
#7
RiO 2016. márc. 10., 12:05 
Satoru eredeti hozzászólása:
Physical authenticators dont solve the problem that you cannot authorize the CONTENT of a trade via a typical TOTP. TOTP was never designed for that. Thats why you can't use a hard token. Because those don't do what Steam needs with regards to trade verifications

Banks have worked for years with TOTP-like systems that enrich the hashing algorithm with additional seed numbers, namely; amount transferred and the last X digits of the recipient's bank account number.

Sure; you cannot use an off-the-counter TOTP token. But you sure as hell can create and market one yourself that incorporates such secondary seeds. Steam is more than big enough to pull that off successfully.
Legutóbb szerkesztette: RiO; 2016. márc. 10., 12:05
#8
< >
18/8 megjegyzés mutatása
Laponként: 1530 50

Összes téma > Steam fórumok > Suggestions / Ideas > Téma részletei
Közzétéve: 2016. márc. 7., 15:47
Hozzászólások: 8
Új téma nyitása

Hozzászólási szabályok és irányelvek