Steam 2FA codes allegedly got leaked. If you use 2FA with your phone number, turn it off NOW and secure your account.

Confirmed false. See comment.

  • MudMan@fedia.io · 23 upvotes · 20 hours ago

    I cut Steam some slack because they were early to that particular party, so they got grandfathered in. Plus the QR signin is fairly useful (not that they couldn’t do it regardless, but still).

    Their app is pretty ancient, can be kinda buggy and it’s not great overall, though.

    • Rose@slrpnk.net · 1 upvote · 5 hours ago

      I’m personally of the opinion that a separate app sign-in is okay as an additional measure, if the app is actually useful. For example, GitHub does this well - they support TOTP, and the mobile app is okay. The Steam mobile app is useful, but a TOTP option as a fallback would be nice.

      Maybe the most useless thing I have on this front is the Blizzard app, really. The app is not particularly useful for me, I’d rather just use TOTP, if they had the option.

      • MudMan@fedia.io · 1 upvote · 5 hours ago

        Like I said, I’m torn on that front. I only ever use the Steam app for QR login and TFA. Their grand design was that you’d be monitoring it as a marketplace back when they had these protoNFT ideas of how big their hats and trading cards were going to get.

        But I never cared about those and they never put enough effort into the game store side of the app for it to be a better alternative than making purchases on the PC app instead, so… Would it be worth it to use a general TOTP app instead of a QR code for first time login and transaction validation? I’d say very likely, considering I already have a couple of those for a bunch of other services.

    • NotSteve_@lemmy.ca · 5 upvotes · 17 hours ago

      I remember reading something about Steam having some of the best login protection even before HTTPS was a thing. I gotta find that article again since it was pretty cool.