I feel somewhat paranoid at times, so here my question to you:

How safe do you believe your account to be?
Do you use Steam Guard?
How often do you change your (email) password.
Is security questions still a thing?
Do you have/use a Steam Support account?

I mean, we get phising mails/messages almost daily and our accounts are often one click away from being hacked. After all, one just needs your email password and you're screwed. Besides, we do use lots of other websites that use your steam account for login (steamgifts, steamcompanion, steamcardexchange, isthereanydeal, steamtradematcher, steam.tools just to name a few). Do you fully trust them?

For some people it'd be a pretty high financial damage/loss, and I hear it happen too often to people.

What do you do to protect your account/s?

/edit Forgot to add a mandatory giveaway, let me quickly search my non-activated bundle keys.
http://www.steamgifts.com/giveaway/GR8IX/

9 years ago*

Comment has been collapsed.

change email password ? never
it's safe as long as nobody know what your steam login name or your steam email
separate email registered with steam and never use it for other purpose

9 years ago
Permalink

Comment has been collapsed.

Makes sense. Maybe I should set up a new email specifically for steam, too.

Can you suggest any provider?
One that won't simply delete your account for inactivity or stuff.

9 years ago
Permalink

Comment has been collapsed.

It's easy... Get gmail and enable phone verification. Get steamguard and enable email verification. So even if they know your password they can't login in steam because they will need code from the email, and they can't login into your email because they need text from your phone.

So even if they infect you with keylogger they can't use your info. Only info they RAT you and when you are AFK they remotely use your pc to get into the email and get the code.

9 years ago
Permalink

Comment has been collapsed.

Deleted

This comment was deleted 4 years ago.

9 years ago
Permalink

Comment has been collapsed.

Deleted

This comment was deleted 2 years ago.

9 years ago
Permalink

Comment has been collapsed.

Anything you want? Have a password on the phone. Nowadays any android phone you don't need to install any tools or apps, you can track it in google, you can lock it, you can erase it. So no one will get to your phone.

Besides it won't be a problem, because you should choose "remember this pc" option so as long as you don't delete all the cookies and login from the same IP address it will log you in automatically without having to verify by text message, only password. And if you login from another location (different IP address) or delete cookies of the browser, you will then need to verify it with the phone again. When you are at someone's else house or using public WiFi you should not set "remember me" option, so that in-case someone is sniffing out your password they won't be able to login. So you will be able to easily login and change phone number.

Besides, you can recover your Gmail by either using security questions or one-time codes which you can store on a post-it note, or something along the lines. Though better not on the PC, because if you get infected / keylogged and someone finds it on your PC they will be able to login to your GMAIL. So best to take a picture of it with your phone, or write it down on a post-it. no one will know what is that meaningless long number besides you.

Not to mention you would rather call the provider and have your sim card blocked and phone number transferred to a new sim, so you won't even need to change that phone number.

9 years ago
Permalink

Comment has been collapsed.

+1

Steam guard + Gmail with phone verification combo is easy to use and secure.

9 years ago
Permalink

Comment has been collapsed.

Exactly the method I am using, I mean it's not full proof but I'd like to see someone get my email password and phone.

A couple tips though.

1) Make your email and Steam passwords something unique and complicated like a sentence of random crap and some numbers.
2) Enable Google 2 Step (if you're using Gmail and IMO you should) - https://www.google.com/landing/2step/

I'd list all the "secure your pc, dont visit bad sites etc etc" but honestly that's common knowledge and I dont think its worth saying that. Bottom line just be careful and use the added protection Google and Steam offer, gone are the days when a simple email is enough to protect. I even use a Battle.Net Authenticator for my Blizzard stuff.

9 years ago
Permalink

Comment has been collapsed.

It is full proof, but getting infected with RAT and leaving your PC afk for hours so the culprit could surf through your pc remotely is beyond help. That is equal to someone breaking in your house and using your PC to get your gmail.

And passwords don't matter with this, they can't do anything to get to your account even if they know them. Obviously doesn't mean they should set it to something easy, or should let anyone know, but anything like G3n3r1c20@ will do. Don't need to set it to "!!"(£*!%ASDKcx_123@:__+". As long as the password is not a word, or a common variation of it which a lot of people could have, dictionary attack or bruteforcing it won't work. But a lot of people get infected and their info stolen, and published online, and hackers use those passwords for dictionary attacks, like with sentry mba, since such lists of passwords work a lot better than simple dictionary words, since almost no website will let you register nowadays with a password like "apple" or "pineapple" (not complex enough).

But yeah, I gave someone my other steam and he is not good with PCs. I don't know if someone SEd the password out of him, or infected him, but from time to time I keep getting messages that someone is trying to login to that steam, to my email, but they can't since they need the code. And I know it's not my friend, since I authorized his PC.

9 years ago
Permalink

Comment has been collapsed.

Steam Guard and email with verification is fairly secure way to use steam, but you know, sometimes Valve make stupid mistakes so you have to be cautious.

9 years ago
Permalink

Comment has been collapsed.

Just to be on the safe side I don't save my credit card info to my steam account.

Also, you blacklisted me?

9 years ago
Permalink

Comment has been collapsed.

My mistake, I thought you regifted that copy of Voxelized that was given away 6,000 times.

9 years ago
Permalink

Comment has been collapsed.

Nope, I was just looking for cheap ways to raise my CV. That one got me .01 :P
Thank you

9 years ago
Permalink

Comment has been collapsed.

As long as you don't click you don't trust...

9 years ago
Permalink

Comment has been collapsed.

I use a program that manages all my passwords automatically, and to access it, one would need to know a special pass phrase of random words in a couple of sentences that makes absolutely no sense - I did not create it, but it's the only way to access it if I am unable to use the password to get into it. I have to keep this safe, otherwise I can never get my info back, as even the company itself does not have access to your info. It creates super-strong passwords for me, and stores credit cards/can mask your credit card too where you never have to use your real one(s) for purchases. I mainly got it for the useful feature of creating masked emails I could easily manage on the fly, but the program is extremely useful for a lot of other things. It is very simple to create the strongest types of passwords without having to hardly do a thing...

Not sure if this counts as advertising here, but it has a free version as well that is pretty solid and you can still do a lot without going premium (you just get extra credit cards you can store, and mask your phone as well, sync and make backups on other devices, etc with premium.). For me, it is very handy for multiple things... Anyway, all my passwords are pretty much completely safe, and it fills all of the above mentioned CC/passwords/other things automatically once it's in the utility/addon. There are of course, downsides, if your info on here got compromised, but the phrase cannot be changed, and knowing this guarantees access to this, even if the password was figured out by another person...

Albine - Blur

9 years ago
Permalink

Comment has been collapsed.

I have no trouble. I'm a lawyer and have everything stored on my mail to prove what I bought.
Any problem on steam, justice just give them official order to steam to restabilish my account with everything I bought so far.
It's their business, so, the most interested in maintain security is them. More than me that is just a "password holder".
Welcome to Brazil's Consumer Code: who holds the technology acknowledge is responsible for what its technology provides (extensions included).

9 years ago
Permalink

Comment has been collapsed.

I never worry about such things

9 years ago
Permalink

Comment has been collapsed.

I have Steam guard on, which goes to my email.
And my email...sends a pin to my phone.
And my phone... well you'll have to kill me for that.

9 years ago
Permalink

Comment has been collapsed.

my 123456 password is secure enough.

edit: changed to 1234567 since it was too easy.

9 years ago*
Permalink

Comment has been collapsed.

it was

9 years ago
Permalink

Comment has been collapsed.

To be honest my password is very silly, but I don't want to change it because we are not allowed with such easy passwords anymore.

To be on topic: I use steamguard, my mail has sms activation, I use a "dedicated" CC for buying online (which is filled only with the required amount of money) and I have nothing valuable in my inventory. Also I don't accept random invites, read spam or visit fishy websites.

9 years ago
Permalink

Comment has been collapsed.

I use Steam Guard, so if anyone ever finds out my password on Steam he still won't be able to log in without the email and email password, so I'd say Steam is pretty safe.

9 years ago
Permalink

Comment has been collapsed.

Sign in through Steam to add a comment.