Viewing a single comment thread. View all comments

aMac_UK t1_j1nl5c3 wrote

Reply to comment by Necrowanker in LPT: Got a Steam gift card for Christmas? Hold on to it after you put the code in. If your account gets hacked, you can use the old code to recover your account. by Worst_Support

I mostly just object to people using the term “hacked” because it absolves blame on their part.

I was “hacked” and not “I use the same easily guessed password everywhere and my security questions are easily looked up facts” or “I entered my details into a random website and I don’t have two-factor authentication enabled”

8

PyroDesu t1_j1nxrx1 wrote

Security questions are pretty much always about easily looked up facts. Social media has rendered them non-secure if they're used as intended.

(I personally put "answers" that are the same alphanumeric-symbolic garbage as my passwords, and save them in the notes section of my password manager entry.)

3

Necrowanker t1_j1nz3jm wrote

Non sequitur answers are your best friend here I think. At least for me

2

Necrowanker t1_j1nlhz2 wrote

I don't think people are taught enough about cyber security to bother with semantics but I get you. I try to encourage people to put 2fa on but it mostly falls on deaf ears

1

HYPERBOLE_TRAIN t1_j1nn7el wrote

Sounds a bit like a superiority complex, if I’m being honest.

−4

Mataskarts t1_j1nq8zt wrote

This is one of the rare cases where it's a valid one.

Use 2FA ffs, not doing so is plain stupid.

6

Necrowanker t1_j1nzj95 wrote

You're right but people should still be aware that their accounts can still be breached through other methods, such as certain kinds of malware and phishing attacks. 2fa helps so much but it's not invincible

2

Mataskarts t1_j1nzvga wrote

2fa sorta eliminates the pure malware risk unless somehow you get both your phone AND PC infected with the same one designed solely to get steam accounts.

But yeah phishing and social engineering are by far the most common ways of "hacking" or stealing steam accounts. If you can't bypass the systems - just ask the user nicely for all the info instead. Or threaten their family, that works too.

3