Steam

639 readers

2 users here now

For Steam Game Stuff

founded 2 years ago

MODERATORS

[email protected]

89 million Steam account details just got leaked, so now's a good time to change your password (www.xda-developers.com)

submitted 1 month ago by [email protected] to c/[email protected]

36 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Showroom7561 -1 points 1 month ago (24 children)

Given I am 99% certain Steam will not be storing my password in a compromisable way,

From what I understand, these passwords (and the accounts they are linked to) are in a usable form to whoever is buying the lists.

2FA protects you, but changing your password isn't a bad idea (and should be done on a regular basis anyway).

[–] [email protected] 2 points 1 month ago (3 children)

Is changing passwords on a regular basis actually better or just a feeling?

[–] Showroom7561 1 points 1 month ago (2 children)

It depends. If your accounts are set up to auto-reject and ban people after X number of failed logins, then a strong password (even without 2fa) should be ok for most people.

But if the service allows for unlimited login attempts, having the same password for months or years gives more time to brute force guess it.

Even in a leak like this, even without anything more than a list of passwords, it could be a valuable collection for a "dictionary password attack".

[–] SketchySeaBeast 1 points 1 month ago (1 children)

But why would the passwords be available unhashed?

[–] Showroom7561 1 points 1 month ago

Lots of unknowns, but this was a "leak", rather than a "hack". Perhaps another article might shed more light into the details of the data, and in what form those passwords are in.

load more comments (20 replies)