Steam is too poor to do this. I heard they are almost broke. /s

Kai の投稿を引用：

Additionally, it still serves no purpose.

No, it just serves purposes you don't consider important.

Kai の投稿を引用：

Quint the Alligator Snapper の投稿を引用：

You cited the possibility of hijackers changing account names, but you neglected the possibility of legitimate users changing account names to secure them from hijackers.

And you neglected to include how changing that information only causes more people to be vulnerable. Which again, like so many of your posts in favor of this idea, is completely void of any rational reasoning for why this idea is a good thing.

In your desire to put down what I'm saying, you didn't realize that those accounts whose login names are changed by hijackers are already being hijacked, so this isn't "more people" at all.

Kai の投稿を引用：

Let's say your login name is "mystinkybutt" and you were an idiot and gave your info out to a scam site (because there are no such things as hijackers with Steam Guard...) and then changed your user name immediately after because you realized how dumb you were to do that. New user shows up and goes "ha, yeah, I want my login name to be "mystinkybutt" because I too think it is a funny name." so now because you were an idiot for 0.5s, his account is now compromised because you changed your login name.

1. There's no reason for a hijacker to wait on the chance that the someone else might be using the name "mystinkybutt". For them to keep that would be little better than trying to use a dictionary attack.

2. The hijacker would have the wrong password anyway. Unless for whatever reason your password and that other user's password were somehow the same.

3. The hijacker would already have a login to your account where they can see your account details -- including the fact that you changed your login name. Note that you don't ned the login name to see the account info page.

Kai の投稿を引用：

So again, this idea is objectively terrible and your reason for why you want it is factually worthless in every scenario when it involves opening up others to your own mistakes.

You keep trying to declare it bad and then miss the glaring flaws in your reasoning through the scenario that you claim shows the problems with the idea.

Start_Running の投稿を引用：

And you neglected to include how changing that information only causes more people to be vulnerable. Which again, like so many of your posts in favor of this idea, is completely void of any rational reasoning for why this idea is a good thing.

And I didn't actually forget that.

Good try claiming it after the fact.

Start_Running の投稿を引用：

Its just that people using it as intended with prioper responsibility are never the issue. But there's also another scenario of users changing their usernames, and then forgetting said username...and oh look we're back to the recovery problem.

It appears that you haven't used websites that make use of login names and thus have no experience with "forgot my username" features.

Meanwhile, account names (and thus login names) are sent via e-mail in plaintext. A login name change can generate an automated e-mail notifying the user what they've changed their login name to.

And this is in addition to the fact that every time a user starts up Steam, Steam shows their login name.

Start_Running の投稿を引用：

As said. If valve has to re do the database they might. I mean honestly it justt means they'd have to have a user name, a login name, a userID and an account ID for every account....yeah that seems like more trouble than its worth, better someone live with the regret of the poorly chosen username

"a user name, a login name, a userID, and an account ID"? There's currently an account name which doubles as the login name, and an account ID. Making a separate login name field would just involve adding a field to the database. And that's three fields, not even the four you mentioned.

Meatwad の投稿を引用：

When will we run out of account names? I remember hearing that if you delete an account you can’t reuse it’s name which doesn’t really make sense if it’s true.

They do this most likely to avoid possible clashes with the DB, let say someone deletes an account, and someone makes an account with the same name right after, it may have a case of the DB other part linking the same user name as the primary key of both of them creating all kind of issues (let's say handing there VAC ban on the new account, or giving them games there not support to own and so on)

It will likely take a really long time before we run out of names like name1993293943949394342 and so on

Meatwad の投稿を引用：

When will we run out of account names? I remember hearing that if you delete an account you can’t reuse it’s name which doesn’t really make sense if it’s true.

26 letters * 2 cases (upper/lower) + 10 digits is 62 possibilities for each character. That's 56.8 billion possibilities for just 6 character names.
And that doesn't count non-English letters or numbers nor punctuation allowed. Because at the very least, the @ is allowed as really old accounts used their email address for their login name.

Drab の投稿を引用：

Steam is too poor to do this. I heard they are almost broke. /s

Or maybe its because companies can't just spend a lot of money on what is an almost useless feature and not risk pissing off investors who may just pull there money out of the company.

The fact is this is a high effort/little reward endeavor for Valve.

Ducks on Fire の投稿を引用：

Drab の投稿を引用：

Steam is too poor to do this. I heard they are almost broke. /s

Or maybe its because companies can't just spend a lot of money on what is an almost useless feature and not risk pissing off investors who may just pull there money out of the company.

The fact is this is a high effort/little reward endeavor for Valve.

That's it. Jusrt because you have alot of money doesn't mean you're in a mind to blow it on useless things. This mayhaps is the sort of mentality that tends to leave many lottery winnders worse off than if they'd never won.

Ducks on Fire の投稿を引用：

Or maybe its because companies can't just spend a lot of money on what is an almost useless feature and not risk pissing off investors who may just pull there money out of the company.

The fact is this is a high effort/little reward endeavor for Valve.

The feature does have an important security benefit for any users whose accounts have been the target of hijackings or attempted hijackings before.

Start_Running の投稿を引用：

That's it. Jusrt because you have alot of money doesn't mean you're in a mind to blow it on useless things. This mayhaps is the sort of mentality that tends to leave many lottery winnders worse off than if they'd never won.

Do you stop to check whether the comparison you're trying to make has any relevance?

Quint the Alligator Snapper の投稿を引用：

Ducks on Fire の投稿を引用：

Or maybe its because companies can't just spend a lot of money on what is an almost useless feature and not risk pissing off investors who may just pull there money out of the company.

The fact is this is a high effort/little reward endeavor for Valve.

The feature does have an important security benefit for any users whose accounts have been the target of hijackings or attempted hijackings before.

Start_Running の投稿を引用：

That's it. Jusrt because you have alot of money doesn't mean you're in a mind to blow it on useless things. This mayhaps is the sort of mentality that tends to leave many lottery winnders worse off than if they'd never won.

Do you stop to check whether the comparison you're trying to make has any relevance?

If your account is compromised and you follow the steps to secure it you'll be fine as long as you don't repeat the mistakes that lead to being compromised in the first place. Changing your name isn't going to help that. Your also account has a unique ID number IIRC anyways so changing your name wouldn't affect that. Plus a lot off people arguing for the change seem more to just be embarrassed by the old name.

I agree with the comparison to lotto winners being rather odd and unrelated though. That's a whole different thing entirely.

Ducks on Fire の投稿を引用：

Quint the Alligator Snapper の投稿を引用：

The feature does have an important security benefit for any users whose accounts have been the target of hijackings or attempted hijackings before.

Do you stop to check whether the comparison you're trying to make has any relevance?

If your account is compromised and you follow the steps to secure it you'll be fine as long as you don't repeat the mistakes that lead to being compromised in the first place. Changing your name isn't going to help that. Your also account has a unique ID number IIRC anyways so changing your name wouldn't affect that. Plus a lot off people arguing for the change seem more to just be embarrassed by the old name.

I agree with the comparison to lotto winners being rather odd and unrelated though. That's a whole different thing entirely.

In July 2015, hijackers found a security flaw in Steam's password recovery page. It allowed anyone who simply knew the login name to reset any user's password to a new password of the hijacker's choice. (You can look up "steam july 2015 password recovery" in any search engine and read up about it.) Then, armed with the new password, a hijacker could attempt to login. Even for accounts that were using Steam Guard (which at the time was 2FA by e-mail), it resulted in disruption of service.

This is a real-life example of a problem that occurs when one's login name is exposed. And, in fact, as even opponents of this proposal have pointed out, the login name is supposed to be kept confidential. So it makes sense that everyone -- or at least everyone whose login names have ever been used in hijackings or hijacking attempts -- ought to be able to change theirs.

Meanwhile, the fact that the unique ID number already exists shows that Steam doesn't actually need to depend on the login name as the identifier.

And people wanting to change their login names because they're embarrassing isn't a reason to not let people change their login names. Unless one is spiteful, I guess.

In the context of what I was replying to it is rather relevant. Ie the idea that just having lots of money means one should spend it carelessly, A tiger trap the many lottery winners fall into.

But yeah. There is no meaningful security benefit. A secure password, and not giving out your login credentials is basically all you need to keep any account secure.

Start_Running の投稿を引用：

In the context of what I was replying to it is rather relevant. Ie the idea that just having lots of money means one should spend it carelessly, A tiger trap the many lottery winners fall into.

But it's not careless spending to improve web service security.

Start_Running の投稿を引用：

But yeah. There is no meaningful security benefit. A secure password, and not giving out your login credentials is basically all you need to keep any account secure.

And a piece of those login credentials has become public, for at least a subset of users. They at least should be able to change their login credentials in order to properly secure their account.

https://store.steampowered.com/account/

you can change email, password, mobile, and auth settings

More added features and security is a plus in my book. Plus might free up some account names in the process

Quint the Alligator Snapper の投稿を引用：

Start_Running の投稿を引用：

In the context of what I was replying to it is rather relevant. Ie the idea that just having lots of money means one should spend it carelessly, A tiger trap the many lottery winners fall into.

But it's not careless spending to improve web service security.

Start_Running の投稿を引用：

But yeah. There is no meaningful security benefit. A secure password, and not giving out your login credentials is basically all you need to keep any account secure.

And a piece of those login credentials has become public, for at least a subset of users. They at least should be able to change their login credentials in order to properly secure their account.

Except that account security is just fine as it is. I could give everyone my login username right now and nobody would be able to get in. Why? Because I have Steam Guard. Gabe Newell himself proved this by giving out his login info, but no one was able to get in due to Steam Guard. People get hijacked after giving out Steam Guard codes. Do you see a pattern here?

Meatwad の投稿を引用：

More added features and security is a plus in my book. Plus might free up some account names in the process

Your account name literally doesn't matter anyways as only you can see it.