Steam Guard, is abut the same thing, that works with the Email, if you really want some emails allow you to use a Authenticator.. then you can do it like that no?

Nope email accounts can be accesed from al around the world with a password, an authenticator is a physical device which you can keep at home in a safe place! Email accounts are more unsecure!

ION4S の投稿を引用：

Nope email accounts can be accesed from al around the world with a password, an authenticator is a physical device which you can keep at home in a safe place! Email accounts are more unsecure!

So get a Gmail and for that get an authenticator, then you can be more safe by keeping your Email safe
Dose that not work for you?

And look most hijacking of accounts happen as users give away there accounts info (as well as Steam Guard) or download malware, in two of these cases an authenticator is not likely to help at all

I posted this long ago too: http://steamcommunity.com/discussions/forum/10/648814844887626337

Black Blade (Card Raining) の投稿を引用：

ION4S の投稿を引用：

Nope email accounts can be accesed from al around the world with a password, an authenticator is a physical device which you can keep at home in a safe place! Email accounts are more unsecure!

So get a Gmail and for that get an authenticator, then you can be more safe by keeping your Email safe
Dose that not work for you?

And look most hijacking of accounts happen as users give away there accounts info (as well as Steam Guard) or download malware, in two of these cases an authenticator is not likely to help at all

I personally use Google Authenticator for my Gmail which is tied to my Steam -account, but considering how many people don't want to go through the hassle.

And with the recent .srt -backdoors on computers; I do think it would be a nice change if Steam did allow a Mobile Authorization for SteamGuard, trading or the like instead of forcibly relying on e-mail which is easier to access on an infected computer; than a different piece of hardware.

If not via app necessarily, then with a SMS backup.

Anyway, as far as this comes down to:
https://steamdb.info/blog/steam-store-v6-peek/

SteamDB の投稿を引用：

On an unrelated note; two factor authentication

As you might know, SteamGuard is a 2-step authentication method, but this update brings alternative ways of authenticating besides email. The Steam Mobile app will have a built-in authenticator, but you can also use apps such as Google Authenticator (provided your phone has a camera to scan a QR code).

& http://www.reddit.com/r/Steam/comments/2hgiyh/2factor_authentication_is_coming_to_steam/

Here hoping this DOES happen.

Black Blade (Card Raining) の投稿を引用：

, in two of these cases an authenticator is not likely to help at all

Why wouldn't it? No matter how many passwords you give away, you can't give away a code that changes every 20 seconds.

If you have an authenticator that produces a code on a completely different device, it starts to get tricky to get scammed. Of course it's still theoretically possible, but you've got to start doing something really special to manage that.

FrazerJC の投稿を引用：

Black Blade (Card Raining) の投稿を引用：

, in two of these cases an authenticator is not likely to help at all

Why wouldn't it? No matter how many passwords you give away, you can't give away a code that changes every 20 seconds.

If you have an authenticator that produces a code on a completely different device, it starts to get tricky to get scammed. Of course it's still theoretically possible, but you've got to start doing something really special to manage that.

Agreed! Also, hardware you can put on a keyring like the one from blizzard is much more secure because its no software solution!

FrazerJC の投稿を引用：

Why wouldn't it? No matter how many passwords you give away, you can't give away a code that changes every 20 seconds.

If you have an authenticator that produces a code on a completely different device, it starts to get tricky to get scammed. Of course it's still theoretically possible, but you've got to start doing something really special to manage that.

They can pass it using the same way they did Steam guard in the past
Fake Steam site
You login, it ask you for Steam guard code (Authenticator code) then when you put it in, that dose the same on the Real Steam site, and there in, not that hard..

Over all i can understand in case your email is taken from you, but most cases also now do not involve someone Stealing the users Email

Black Blade (Card Raining) の投稿を引用：

FrazerJC の投稿を引用：

Why wouldn't it? No matter how many passwords you give away, you can't give away a code that changes every 20 seconds.

If you have an authenticator that produces a code on a completely different device, it starts to get tricky to get scammed. Of course it's still theoretically possible, but you've got to start doing something really special to manage that.

They can pass it using the same way they did Steam guard in the past
Fake Steam site
You login, it ask you for Steam guard code (Authenticator code) then when you put it in, that dose the same on the Real Steam site, and there in, not that hard..

Over all i can understand in case your email is taken from you, but most cases also now do not involve someone Stealing the users Email

Yeah, but it takes care of the .srt -infections, which are by far more common than look-a-like websites right now.

If it's tied to trading (not exclusive to trade offers) the same way trade offers are tied to e-mail now; where if turned off Steam Support is under no obligation to help, it might actually decrease the amount of scams in the form they are in now.

What I'm referring to, is this http://steamcommunity.com/my/edit/settings/ -> Of course, it should be an alternate option for SteamGuard overall, because infected computers; don't mean infected cellphones.

Black Blade (Card Raining) の投稿を引用：

They can pass it using the same way they did Steam guard in the past
Fake Steam site
You login, it ask you for Steam guard code (Authenticator code) then when you put it in, that dose the same on the Real Steam site, and there in, not that hard..

Over all i can understand in case your email is taken from you, but most cases also now do not involve someone Stealing the users Email

This is a problem with Steam, not with the concept of an authentication code sent to a different device.

If this was a wide problem with this kind of 2tier authentication, wouldn't you hear stories of people losing their Gmail, etc, accounts by handing over their authentication file?

Don't bash the concept. Bash the implementation of the concept.

FrazerJC の投稿を引用：

This is a problem with Steam, not with the concept of an authentication code sent to a different device.

If this was a wide problem with this kind of 2tier authentication, wouldn't you hear stories of people losing their Gmail, etc, accounts by handing over their authentication file?

Don't bash the concept. Bash the implementation of the concept.

I am not talking abut uploading the SSN file, i am talking abut people login on a mirror site, then the authentication is just the same as Steam Guard in most ways..

And over all i am not trying to say the idea it self is bad, my self i do not believe il use it, as i do not believe its really helpful, and i even believe that its more verbal then what Steam Guard is (but for that il need to make sure my assumption on how the authentication works is correct so il not get into that, before i confirm that)

But i do not think its honestly much better then what Steam Guard is today, Stealing the SSN dose not block in the case of Steam Guard or an Authenticator
What i am try to figure out, is what is it better then Steam Guard?, as i said most cases the Email was not taken, so going with that assumption i can say that the Code of Steam Guard is is safe as the Authenticator code is
Non of them are reachable by the scammer, as for that why i give the mirror site phishing, and not the SSN stealing or the Malware, two of these ways will not help not with the Authenticator or with Steam Guard
So how is the Authenticator better then Steam Guard is what i am asking..

Black Blade (Card Raining) の投稿を引用：

So how is the Authenticator better then Steam Guard is what i am asking..

The only realistic benefit is that the authenticator is not reliant on email which makes it 'faster' since email was never designed a time sensitive delivery mechanism.

http://blog.authy.com/google-voice

Even sms Authenticators can be broken if you're not using it correctly

Black Blade (Card Raining) の投稿を引用：

FrazerJC の投稿を引用：

This is a problem with Steam, not with the concept of an authentication code sent to a different device.

If this was a wide problem with this kind of 2tier authentication, wouldn't you hear stories of people losing their Gmail, etc, accounts by handing over their authentication file?

Don't bash the concept. Bash the implementation of the concept.

I am not talking abut uploading the SSN file, i am talking abut people login on a mirror site, then the authentication is just the same as Steam Guard in most ways..

And over all i am not trying to say the idea it self is bad, my self i do not believe il use it, as i do not believe its really helpful, and i even believe that its more verbal then what Steam Guard is (but for that il need to make sure my assumption on how the authentication works is correct so il not get into that, before i confirm that)

But i do not think its honestly much better then what Steam Guard is today, Stealing the SSN dose not block in the case of Steam Guard or an Authenticator
What i am try to figure out, is what is it better then Steam Guard?, as i said most cases the Email was not taken, so going with that assumption i can say that the Code of Steam Guard is is safe as the Authenticator code is
Non of them are reachable by the scammer, as for that why i give the mirror site phishing, and not the SSN stealing or the Malware, two of these ways will not help not with the Authenticator or with Steam Guard
So how is the Authenticator better then Steam Guard is what i am asking..

I'll explain this one more time.

Nowadays mirror sites aren't as much used as the trading window picture -links, see Help & Tips -subforum and you'll see what I'm on about. The pictures are used in the trading context of luring the said victim into entering the website by pretending it's an image of someone's item(s). Turns out however, that these picture links aren't pictures but redirection links that lead to a whole different website.

The other website is one the said hijacker has uploaded a malicious .srt file to, which behaves similarly to that of malicious executables. The website has a download parameter, usually visible as a suffix, like &dl=1 where the 1 is binary code for 'enabled' and the dl is the acronym for download. (and that's just an example.)

This virus behaves like a RAT (Remote Access Tool) which allows the hijacker to control your computer for trading your items away to some other account. Now if Steam had a Mobile Authentication, for say 'every single trade window' (which admittedly would be tedious; but again let's treat it as an example) the likelyhood of them being able to trade your items away would decrease in a diminishing factor; in comparison to having it send you an email which might have stored credentials on your computer.

Teutep の投稿を引用：

I'll explain this one more time.

Nowadays mirror sites aren't as much used as the trading window picture -links, see Help & Tips -subforum and you'll see what I'm on about. The pictures are used in the trading context of luring the said victim into entering the website by pretending it's an image of someone's item(s). Turns out however, that these picture links aren't pictures but redirection links that lead to a whole different website.

The other website is one the said hijacker has uploaded a malicious .srt file to, which behaves similarly to that of malicious executables. The website has a download parameter, usually visible as a suffix, like &dl=1 where the 1 is binary code for 'enabled' and the dl is the acronym for download. (and that's just an example.)

This virus behaves like a RAT (Remote Access Tool) which allows the hijacker to control your computer for trading your items away to some other account. Now if Steam had a Mobile Authentication, for say 'every single trade window' (which admittedly would be tedious; but again let's treat it as an example) the likelyhood of them being able to trade your items away would decrease in a diminishing factor; in comparison to having it send you an email which might have stored credentials on your computer.

I rarely heard of the case of a RAT, on Steam, i did hear cases of Mirror sites that change over time, to upload your SSN that then change to Download malware that upload that SSN by it self (that then change to the bots, but that was some what killed out as of late)

The thing is, a mirror site can be used by a bot, and only a bot, with no human act, what makes it much more dangers over all then a RAT system that is over all meaning that a human needs to do it (that is a much more slow process), as well as mean the users system is pretty exposed
But that how ever is a good point for why it is good

Satoru の投稿を引用：

The only realistic benefit is that the authenticator is not reliant on email which makes it 'faster' since email was never designed a time sensitive delivery mechanism.

http://blog.authy.com/google-voice

Even sms Authenticators can be broken if you're not using it correctly

Well that is one more true point on that, even that it dose mean you have to type it manually, and cant just copy paste it, so it may be a little less convenient over all

Also just asking, what you do with the battery of the Authenticator die out? how can you maybe disable it? are you doing that with an Email? or will each will have to connect support for that, in case it takes time for the Authenticator to get to you?

Black Blade, spend the next 3 days on the Help & Tips -side.

You'll see just how common that scam is nowadays.

Teutep の投稿を引用：

Black Blade, spend the next 3 days on the Help & Tips -side.

You'll see just how common that scam is nowadays.

Il try, my problem is the notifications can only hold a little over 100, and its hard for me to keep track there but il try to follow it more there