SketchySeaBeast

The phone numbers I guess kind of have been, but they don't seem to be linked to an account, and the codes are useless. I think at worst people with those numbers might need to prepare for focused phishing attempts to get more info from them.

https://store.steampowered.com/news/app/593110/view/533224478739530145?l=english

Looks like I chose well.

Well, no, but if they were plaintext it wouldn't matter what they are. Regardless, I'm sure they are hashed and salted, and I'm not worried about my unique 64 character password being compromised by a dictionary attack.

And here's an article saying otherwise.

https://www.vg247.com/steam-vendor-data-breach-passwords-89-million-users-dark-web

Again, the panic smells rotten because Steam should not have a plaintext copy of your password, it should be hashed, and there's just no way steam isn't doing that.

Who shouldn't be within a thousand feet of passwords.

But why would the passwords be available unhashed?

It's not about being stubborn, it's about having enough education and professional experience in the topic to have doubts about journalist claims.

I hear that being said, but how? If Steam is following best practices of the last several decades, which I'm sure it does, it doesn't have the passwords in usable form.

I hate articles like this. Given I am 99% certain Steam will not be storing my password in a compromisable way, what is the point of changing it?

Make no sense? They all make sense:

Picture of my cat. Picture of my cat. Picture of my cat. Picture of my cat.

Yes, and at this point it's the United States' only hope.

That's not why. It's the dependency trees that run a dozen layers deep and end up importing "isEven". If you're building a react app odds are good you'll import way more code than you ever write yourself.

And no one should be leaving commented-out code in their app, that's what source control is for.