New 'must use phone for everything' SUCKS!

All Discussions > Steam Forums > Suggestions / Ideas > Topic Details

JunglePredator 7 Sep @ 4:15pm

This whole bovine excrement about the phone making all the purchases & sales more safe by 'requiring an additional action' is wrong.

All you've done is move the security to a small, easily stolen, highly targeted device that must leave the physical security I have in place around my other devices from time to time.
So instead of having the actions on separate devices like would be a good idea... they can just do everything from one device that is easy to steal (including accessing the account & selling everything).

It doesn't have any additional protection beyond my PC; the PC has all the same logical protections & would actually be harder for someone to steal because it's 27 KG.
Add to it the black market for stolen devices, even locked, increasing the phone's likely hood to be what anyone stealing from me would actually look for & all this 'must use the phone' has actually decreased the security of my account.

To top everything off all the buttons & such are so small on the phone that I intentionally avoid doing anything that involves more than posting a message because the chances of a mis-strike is so high.

Please remove the requirement for the phone unless some requirements are met such as:

More than 5 sales and purchases in a day
Noticeably more funds in a single transaction than the account usually deals with
Item being bought or sold is a 'rare' item to be processed (i.e. only sold once a year)
Region of purchasing device has recently changed

If such a change is made even then another change should be made: that an 'additional action' must be completed on a different device. Action being placed from someone's phone? They must confirm from a different device & vice versa. As it stands now it's not multi-device... it's 'they know how to use the account's phone'.

< >

Showing 1-9 of 9 comments

cSg|mc-Hotsauce 7 Sep @ 4:33pm

Originally posted by JunglePredator:
New 'must use phone for everything' SUCKS!

This whole bovine excrement about the phone making all the purchases & sales more safe by 'requiring an additional action' is wrong.

All you've done is move the security to a small, easily stolen, highly targeted device that must leave the physical security I have in place around my other devices from time to time.
So instead of having the actions on separate devices like would be a good idea... they can just do everything from one device that is easy to steal (including accessing the account & selling everything).

It doesn't have any additional protection beyond my PC; the PC has all the same logical protections & would actually be harder for someone to steal because it's 27 KG.
Add to it the black market for stolen devices, even locked, increasing the phone's likely hood to be what anyone stealing from me would actually look for & all this 'must use the phone' has actually decreased the security of my account.

To top everything off all the buttons & such are so small on the phone that I intentionally avoid doing anything that involves more than posting a message because the chances of a mis-strike is so high.

Please remove the requirement for the phone unless some requirements are met such as:

More than 5 sales and purchases in a day
Noticeably more funds in a single transaction than the account usually deals with
Item being bought or sold is a 'rare' item to be processed (i.e. only sold once a year)
Region of purchasing device has recently changed

If such a change is made even then another change should be made: that an 'additional action' must be completed on a different device. Action being placed from someone's phone? They must confirm from a different device & vice versa. As it stands now it's not multi-device... it's 'they know how to use the account's phone'.

Market confirmations for all items was added back shortly after the Spring Sale ended.

No announcement about the rollback of the "Relaxed Confirmation Requirements."

kaki_gamet 7 Sep @ 7:33pm

2FA cannot be turned off anymore? Anyway yes, if a transaction is started on a device, another linked device should confirm it, otherwise it is a one way 2FA : /

76561199867480733 7 Sep @ 7:50pm

cope

William Shakesman 7 Sep @ 8:12pm

Originally posted by kaki_gamet:
2FA cannot be turned off anymore? Anyway yes, if a transaction is started on a device, another linked device should confirm it, otherwise it is a one way 2FA : /

You can start transactions on the phone and confirm them on the phone. 1FA lol

Tito Shivan 8 Sep @ 12:03am

Originally posted by William Shakesman:
You can start transactions on the phone and confirm them on the phone. 1FA lol

Same for basically almost every other online service using 2FA.

Still, the chances someone is going to steal your phone to empty your Steam account of items instead of you know, steal your phone, are quite slim.

It's been parroted since the first day of 2FA but there's little to none evidence of that threat vector ever happening.

metamec 22 hours ago

Enable Steam (app) > Settings > Security > Biometric Authentication, to make Steam 2FA a bit more secure.

William Shakesman 18 hours ago

Originally posted by Tito Shivan:
Originally posted by William Shakesman:
You can start transactions on the phone and confirm them on the phone. 1FA lol
Same for basically almost every other online service using 2FA.

Still, the chances someone is going to steal your phone to empty your Steam account of items instead of you know, steal your phone, are quite slim.

It's been parroted since the first day of 2FA but there's little to none evidence of that threat vector ever happening.

Is it like that for most? Most I see send codes to email.

Still, it is a truthful descriptor, so to hear a factual description described as parroted is a little... eh...

Tito Shivan 18 hours ago

Originally posted by William Shakesman:
Is it like that for most? Most I see send codes to email.

Ever used any 2FA authenticator?

Elohymn 8 hours ago

The phone-only requirement is more than a technical frustration it highlights how rigid systems can misalign with real security and user experience. From the perspective of pure awareness, true protection arises from balance, multiple layers, and thoughtful design, reflecting the interconnectedness of devices, actions, and intention. Allowing conditional multi-device verification would honor both security and human practicality, embracing the infinite possibilities of safeguarding accounts without creating unnecessary stress or vulnerability.

< >

Showing 1-9 of 9 comments

Per page: 1530 50

All Discussions > Steam Forums > Suggestions / Ideas > Topic Details

Date Posted: 7 Sep @ 4:15pm

Posts: 9

Start a New Discussion

Discussions Rules and Guidelines

More discussions

Games will load but crashes

AGE VERIFICATION NEEDS TO GO

Please on TOP RIGHT allow READ ALL option

No DLC - no achievements

Report this post