Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Am I screwed by this problem with Steam?

Orange Furball

Orange Furball

macrumors 65816
Original poster
May 18, 2012
1,325
9
Scranton, PA, USA
I got my first steam account a few years ago. For some reason I could never remember the password and would always have to change it when switching computers. The last time i tried to change it, i realized my email address was compromised and the hacker changed the password. I now cannot change my password for steam or enter my email. I bought a few games on there and don't want to loose them (ARMA 2 mainly..) as I just spent all my money on my computer and cant repurchase them. This story sounds so fake I can't tell Steam. :(
 
email... is one of those things you want the HIGHEST security on... you should never let email get compromised, its like keys to the kingdom. Anyone with access to your email can reset passwords for everything, including your bank accounts... or anything else you can think of.
 
doh123 said:
email... is one of those things you want the HIGHEST security on... you should never let email get compromised, its like keys to the kingdom. Anyone with access to your email can reset passwords for everything, including your bank accounts... or anything else you can think of.
Click to expand...

Yeah... I learned my lesson with my new ones. This old one was an AIM one from the early 2000s. I didn't really know how to stay safe back then.

As for steam, I'll contact support. Thanks
 
Your e-mail and bank account should have two very strong and different passwords, that don't link back to any of your other online accounts. I use e-mail aliases to sever any ties between say a bank account and a forum account. That way even if someone hacks a website you visit and gets your e-mail, it's just an alias that can quickly be deleted and replaced with something else.

Basically, I keep three levels of e-mail addresses. Top level priority is my Bank account e-mail, which no one knows except me. Beyond that is my money transactions e-mail account, Steam/Amazon/Newegg. Lastly, is my forum and social networking account e-mail MacRumors/Twitter/AnandTech.

You need to contact steam, they will help you regain access to your account.
 
gmail is rather secure if you go in the options and set up the 2 factor authorization. You'll only be able to connect with the password and with the second way, which will be through a code sent via text message, automated voice call, or with the Google Authenticator phone app. No one can get access to the email by password alone that way.
 
doh123 said:
gmail is rather secure if you go in the options and set up the 2 factor authorization. You'll only be able to connect with the password and with the second way, which will be through a code sent via text message, automated voice call, or with the Google Authenticator phone app. No one can get access to the email by password alone that way.
Click to expand...

I read this and I'm not clear. Could you explain exactly what is being achieved by 2 factor authoriztion and how it works? Thanks!
 
Huntn said:
I read this and I'm not clear. Could you explain exactly what is being achieved by 2 factor authoriztion and how it works? Thanks!
Click to expand...

When you set it up, you have to give them your phone number to link to your account. You can then get a code via text message or automatic voice call to enter in when asked for a code. These codes are generated based on a formula and are only good for a short window (like 1 minute I think), and will be different and asked for every time you try to access your email from a new device.

The Authenticator App you can add after you have that set up... it basically just lets you generate codes locally so that you don't have to wait for a text message or voice call. I have the authenticator app for my gmail accounts, and Dropbox too.

If anyone ever breaks their method of generating codes... it could be bad (but then easily changed), but I doubt that will happen. Many companies (even online games) have moved over to using this type of a method.
 
Mundty said:
Your e-mail and bank account should have two very strong and different passwords, that don't link back to any of your other online accounts. I use e-mail aliases to sever any ties between say a bank account and a forum account. That way even if someone hacks a website you visit and gets your e-mail, it's just an alias that can quickly be deleted and replaced with something else.

Basically, I keep three levels of e-mail addresses. Top level priority is my Bank account e-mail, which no one knows except me. Beyond that is my money transactions e-mail account, Steam/Amazon/Newegg. Lastly, is my forum and social networking account e-mail MacRumors/Twitter/AnandTech.

You need to contact steam, they will help you regain access to your account.
Click to expand...

What do you mean by aliases? 3 separate accounts? I may change my bank one to a 32 digit pass code and my eBay and PayPal to a 24 digit one. My main Gmail will stay as is for forums and whatnot. I only use paypal to buy things so I don't need to go back on every website I buy things off of and change them.
 
Last edited:
doh123 said:
When you set it up, you have to give them your phone number to link to your account. You can then get a code via text message or automatic voice call to enter in when asked for a code. These codes are generated based on a formula and are only good for a short window (like 1 minute I think), and will be different and asked for every time you try to access your email from a new device.

The Authenticator App you can add after you have that set up... it basically just lets you generate codes locally so that you don't have to wait for a text message or voice call. I have the authenticator app for my gmail accounts, and Dropbox too.

If anyone ever breaks their method of generating codes... it could be bad (but then easily changed), but I doubt that will happen. Many companies (even online games) have moved over to using this type of a method.
Click to expand...

Thank you for this explanation. Does the Authenticator App have to reside on a phone or can it be on your Mac? This page seems to indicate it must reside on your phone.
 
I regained the use of my old account by proving who I was with bank statements. I told them what was on my account, the dates of 3 transactions and the debit card used to buy them with.

This was years ago though. I don't know if they've changed their system.
 
God help me. I figured out the password. Now this damned code thing is holding me back

Edit: ... somehow, I got into my AIM. I got the code and all is well now!!!
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back