All Discussions > Steam Forums > Steam Community > Topic Details
Toonett Aug 22, 2024 @ 8:08pm
password protected files
hello, i'm wondering if someone with some tech knowledge can explain why some games install files that are password protected. are they necessary ? if yes, why ? and then why are there a lot of games that don't use password protected files ?
it bothers me when i'm running AV scans on my computer lol
thanks !

Something went wrong while displaying this content. Refresh

Error Reference: Community_9734361_
Loading CSS chunk 7561 failed.
(error: https://community.fastly.steamstatic.com/public/css/applications/community/communityawardsapp.css?contenthash=789dd1fbdb6c6b5c773d)
The author of this topic has marked a post as the answer to their question.
Click here to jump to that post.
Originally posted by Yujah:
Originally posted by Toonett:
can these files be dangerous ?
Not in and of themselves, no. Password protection / encryption here in this context is as mentioned not a general thing, but e.g. specifically password protected archives of game resource files. For something to be "dangerous" said something needs to be run, or at the very least parsed by something else which then would be the dangerous, malicious or buggy, thing.

In principle, sure, malicious content could attempt to hide itself inside of (standard) encrypted archives or other files so as to not be able to be scanned -- and that's what your AV is warning you about. It is not telling you that it found anything dangerous, not even as a false positive, but that it couldn't scan some given blob on your disk to conversely tell you it's fine. Pretty uselessly so if you'd ask me, given that something actually malicious could better hide itself in something that would to an AV-scanner look like random binary data rather than anything it would even recognize as something password-protected in the first place, but whatever.

It's the thing generally that you can only responsibly use an AV-scanner when aware that you need to in a very, very vast majority of cases ignore its cries for attention.

Anycase. The best answer to your question, then, is "No". The worst answer is the correct one, i.e., the one that says that anything is in the end possible.
Showing 1-6 of 6 comments
SLG Aug 23, 2024 @ 3:41am 
Password protected simply means the file is protected with a password. This is done by the developer/programmer to ensure nobody is able to reverse engineer the file to view the source code.
Last edited by SLG; Aug 23, 2024 @ 3:42am
#1
Toonett Aug 23, 2024 @ 9:53am 
Originally posted by Lee:
Password protected simply means the file is protected with a password. This is done by the developer/programmer to ensure nobody is able to reverse engineer the file to view the source code.

thanks for your reply !
it makes sense. however i'm still wondering why some games have password protected files and other games don't.
one thing i could imagine is maybe it's to help against hackers ? for instance the one password protected file that's currently on my PC is a file in the anticheat directory for a game. i guess i'll have to verify if it holds true for different anticheats as I download new games.
however i know for a fact some devs use this for game files themselves, up until recently i had a steam game with nearly 300 password protected files on my computer.
another guess we can make is that maybe it's to make the game files harder to crack for pirated versions ? doesn't seem to be effective though.

would greatly appreciate some additional insight into the matter if anyone has some knowledge to share ! tyvm :)
#2
Yujah Aug 23, 2024 @ 10:46am 
"Password protected files" are not so much a general thing; you presumably refer specifically to password protected archives, i.e., "zip files" say, that have some format-specific encryption implemented for them.

Yes, many games pack resources using some more or less standard archive format, and may encrypt it to make it harder for a user to e.g. unpack the archive, replace some resource and repack it. Other games could protect against modifications through e.g. hashes or simply not care. Latter would be the norm on PC at least for single-player games.

I.e., not a very interesting sort of thing; just a game-specific implementation detail.
#3
Toonett Aug 23, 2024 @ 10:58am 
Originally posted by Yujah:
"Password protected files" are not so much a general thing; you presumably refer specifically to password protected archives, i.e., "zip files" say, that have some format-specific encryption implemented for them.

Yes, many games pack resources using some more or less standard archive format, and may encrypt it to make it harder for a user to e.g. unpack the archive, replace some resource and repack it. Other games could protect against modifications through e.g. hashes or simply not care. Latter would be the norm on PC at least for single-player games.

I.e., not a very interesting sort of thing; just a game-specific implementation detail.

thanks for your reply !
mhm I see. I have a follow up question if you don't mind :
can these files be dangerous ? say I download loads of games and end up with a huge list of password encrypted files that aren't scanned by my AV, i'm not gonna manually check hundreds or thousands of these, and catch a virus in yet another encrypted file from one source or another, am I just done ?
that's the thing that worries me about stacking files that are excluded from my AV scans.
#4
The author of this thread has indicated that this post answers the original topic.
Yujah Aug 23, 2024 @ 11:48am 
Originally posted by Toonett:
can these files be dangerous ?
Not in and of themselves, no. Password protection / encryption here in this context is as mentioned not a general thing, but e.g. specifically password protected archives of game resource files. For something to be "dangerous" said something needs to be run, or at the very least parsed by something else which then would be the dangerous, malicious or buggy, thing.

In principle, sure, malicious content could attempt to hide itself inside of (standard) encrypted archives or other files so as to not be able to be scanned -- and that's what your AV is warning you about. It is not telling you that it found anything dangerous, not even as a false positive, but that it couldn't scan some given blob on your disk to conversely tell you it's fine. Pretty uselessly so if you'd ask me, given that something actually malicious could better hide itself in something that would to an AV-scanner look like random binary data rather than anything it would even recognize as something password-protected in the first place, but whatever.

It's the thing generally that you can only responsibly use an AV-scanner when aware that you need to in a very, very vast majority of cases ignore its cries for attention.

Anycase. The best answer to your question, then, is "No". The worst answer is the correct one, i.e., the one that says that anything is in the end possible.
#5
Toonett Aug 23, 2024 @ 11:59am 
Originally posted by Yujah:
Originally posted by Toonett:
can these files be dangerous ?
Not in and of themselves, no. Password protection / encryption here in this context is as mentioned not a general thing, but e.g. specifically password protected archives of game resource files. For something to be "dangerous" said something needs to be run, or at the very least parsed by something else which then would be the dangerous, malicious or buggy, thing.

In principle, sure, malicious content could attempt to hide itself inside of (standard) encrypted archives or other files so as to not be able to be scanned -- and that's what your AV is warning you about. It is not telling you that it found anything dangerous, not even as a false positive, but that it couldn't scan some given blob on your disk to conversely tell you it's fine. Pretty uselessly so if you'd ask me, given that something actually malicious could better hide itself in something that would to an AV-scanner look like random binary data rather than anything it would even recognize as something password-protected in the first place, but whatever.

It's the thing generally that you can only responsibly use an AV-scanner when aware that you need to in a very, very vast majority of cases ignore its cries for attention.

Anycase. The best answer to your question, then, is "No". The worst answer is the correct one, i.e., the one that says that anything is in the end possible.

mhm i see, thanks a lot for your detailed answer !
so i guess i shouldn't worry too much about it.. still annoys me to see X number of files excluded from my scans :(
i guess i'm gonna have to deal with it, i wish devs used different means to protect their data, like hashes like you said or something, but i have to admit i don't know the pros and cons of each method :x
anyways, thanks for your help !
#6
Showing 1-6 of 6 comments
Per page: 1530 50

All Discussions > Steam Forums > Steam Community > Topic Details
Date Posted: Aug 22, 2024 @ 8:08pm
Posts: 6
Start a New Discussion

Discussions Rules and Guidelines