vacancies advertise contact news tip The Vault
facebook rss twitter

Valve says around 77,000 Steam accounts are hacked every month

by Mark Tyson on 11 December 2015, 09:01

Tags: Valve

Quick Link: HEXUS.net/qacwzb

Add to My Vault: x

In an update about security and trading on its Steam Games distribution platform Valve has said that the number of Steam accounts hacked every month has grown to around 77,000. Account theft is the number one complaint of Steam users, we are told, and once an account has been compromised it is usually quickly cleaned out. Now Valve hopes that users will start to make use of two-factor authentication, via its Steam Guard Mobile Authenticator (part of the Steam mobile app), to reverse the hacked accounts growth trend.

"Having your account stolen, and your items traded away, is a terrible experience, and we hated that it was becoming more common for our customers," says Valve. However Valve points to the introduction of Steam Trading, a popular feature of the platform for many users, as sparking a twenty-fold increase in hacked account complaints. With tradable digital goods commonplace Valve says that "essentially all Steam accounts are now targets" for hackers.

Two-factor authentication

Valve is asking users to employ two-factor authentication to secure their Steam accounts, to simply try and cut down the numbers of hacked accounts. In two-factor authentication a second device is used to confirm user identity. Valve has made its own system as it provides better security than a generic app like Google Authenticator. Steam Guard Mobile Authenticator is the tool (part of the latest Steam app on Android or iOS) and users are encouraged to use it if they have a smartphone.

Trading speed bumps

As some people won't want to, or can't enable two-factor authentication for some reason, Valve has thought about removing any quick and easy profits available from hacking a Steam account. Removing trading entirely was pondered over but that's a "bad choice for users". Instead Valve has implemented delays in the trading process to give people a decent chance of noticing they have been hacked.

For those not using Steam Guard Mobile Authenticator it means you will have to wait 3 days for trading items to go through the system, or 1 day for trades with Steam friends you have had for over 1 year.

Valve regrets making its platform more difficult to use for its users but says that it was faced with a tradeoff in which it has been forced to either shut down a service or add in an extra step of security. The company will be monitoring discussions and user feedback concerning the new security approach.



HEXUS Forums :: 15 Comments

Login with Forum Account

Don't have an account? Register today!
As some people won't want to, or can't enable two-factor authentication for some reason,

My reason is their refusal to use a system that works on anything other than iOS & Android devices. If they don't want to develop for other systems that's fine, but at least offer text message codes as an alternative as MS & Google do.
spacein_vader
As some people won't want to, or can't enable two-factor authentication for some reason,

My reason is their refusal to use a system that works on anything other than iOS & Android devices. If they don't want to develop for other systems that's fine, but at least offer text message codes as an alternative as MS & Google do.

I set up mine a couple weeks ago and could swear you were allowed to just use a mobile number!
Jowsey
spacein_vader
As some people won't want to, or can't enable two-factor authentication for some reason,

My reason is their refusal to use a system that works on anything other than iOS & Android devices. If they don't want to develop for other systems that's fine, but at least offer text message codes as an alternative as MS & Google do.

I set up mine a couple weeks ago and could swear you were allowed to just use a mobile number!


I assume there is a client add to get the auth code… and no Windows Mobile version
Email works fine for me…
Also set mine up using a phone, didn't need any app installed, just the mobile number.