Steam 2FA codes allegedly got leaked. If you use 2FA with your phone number, turn it off NOW and secure your account.
Confirmed false. See comment.
Steam 2FA codes allegedly got leaked. If you use 2FA with your phone number, turn it off NOW and secure your account.
Confirmed false. See comment.
Fuck off and let me use my own TOTP app already.
I cut Steam some slack because they were early to that particular party, so they got grandfathered in. Plus the QR signin is fairly useful (not that they couldn’t do it regardless, but still).
Their app is pretty ancient, can be kinda buggy and it’s not great overall, though.
I remember reading something about Steam having some of the best login protection even before HTTPS was a thing. I gotta find that article again since it was pretty cool
Steam is one of the few apps that I’m fully okay with having on my phone and using for 2fa. I especially like that when I go to login it’s like Discord where I can scan a QR code to confirm from the App instead of having to type in a number that expires. Like it would be nice to have the other functionality as well but I’m content with their current system
I don’t mind that they have 2FA features in their app. I mind that using SMS for this has been known to be bad practice for years and they’ve tried to leverage that insecurity to push users to the Steam app. It’s reckless and this current data breach is only possible because of it.
Although it is not officially supported you can do this: https://github.com/keepassxreboot/keepassxc/discussions/9591
I did it years ago (I would say 10+ years) and it works perfectly fine.
You can also extract and give it to bitwarden as well for those folks using that.