A note about the security of your Steam account
-
This post did not contain any content.
-
System shared this topic on
-
This post did not contain any content.
I appreciate they took the time to do this. Still though, when was the last time you changed your steam password? Regardless of this it never hurts to update it
-
I appreciate they took the time to do this. Still though, when was the last time you changed your steam password? Regardless of this it never hurts to update it
Nah. The need to regularly change passwords is unnecessary. If you use a sufficiently long password, unique passwords for every site, and 2FA/MFA for "important" logins, then you're good.
Businesses requiring their staff to regularly cycle passwords is outdated and makes their systems less resilient, since it opens more angles for social engineering attacks or password security carelessness.
-
Nah. The need to regularly change passwords is unnecessary. If you use a sufficiently long password, unique passwords for every site, and 2FA/MFA for "important" logins, then you're good.
Businesses requiring their staff to regularly cycle passwords is outdated and makes their systems less resilient, since it opens more angles for social engineering attacks or password security carelessness.
I'm not saying every three months, but after 5-7 years like me, it's probably just a good idea. Who knows what devices have the passwords saved on it still
-
I appreciate they took the time to do this. Still though, when was the last time you changed your steam password? Regardless of this it never hurts to update it
Just might do that. Thanks for the tip.
-
I appreciate they took the time to do this. Still though, when was the last time you changed your steam password? Regardless of this it never hurts to update it
- Don't use the same password on Steam that you use from other services.
- Use a long password, with random characters and numbers.
- Use a password manager.
- Do not click on links in emails, unless you are 100% sure its from Valve. Better yet, visit Steam in your browser or the Steam app and search for the page there directly. Do not login on random websites requiring you to login to Steam.
- Do not click on links in chat from people you don't know or added recently to your friends list.
- Set your Steam profile to private, or enable it for friends only at best. Especially if you have lot of skins.
- Ultimate weapon: Use official 2FA (2 factor authentication) with Steam app on your phone. Do not lose your phone, as you cannot login to Steam otherwise.
No security is perfect, but following these basic rules will help you to secure your account. And there shouldn't be any need to reset the password often. If you feel better, reset it once per year or so. I don't.
-
I appreciate they took the time to do this. Still though, when was the last time you changed your steam password? Regardless of this it never hurts to update it
Been over a decade.
Nist says if the account is protected by MFA password expiry isn't needed.
-
Nah. The need to regularly change passwords is unnecessary. If you use a sufficiently long password, unique passwords for every site, and 2FA/MFA for "important" logins, then you're good.
Businesses requiring their staff to regularly cycle passwords is outdated and makes their systems less resilient, since it opens more angles for social engineering attacks or password security carelessness.
Unique is probably the most important thing. Well, and not using "password123" of course. As long as its not easy to guess the main thing you want to avoid is password reuse because you don't know how securely its being stored. May well get leaked as plaintext some day which some of mine certainly have been over time.
That is when I learnt that no, a "very secure" password that you use everywhere isn't very secure at all.
-
Unique is probably the most important thing. Well, and not using "password123" of course. As long as its not easy to guess the main thing you want to avoid is password reuse because you don't know how securely its being stored. May well get leaked as plaintext some day which some of mine certainly have been over time.
That is when I learnt that no, a "very secure" password that you use everywhere isn't very secure at all.
not using "password123"
So "Password123!" Is still good, then?
