I hate articles like this. Given I am 99% certain Steam will not be storing my password in a compromisable way, what is the point of changing it?
'Meanwhile, SteamDB has flagged a LinkedIn post from Dr. Christopher Kunz, a security writer at German tech site Heise, who wrote in an article on the alleged breach: "The dataset contains phone numbers and (expired) one-time codes, but no references to access data such as usernames, Steam IDs, or even password hashes. Whether Steam customers should now change their passwords as a precaution or install the 'Steam Guard' security app seems at least questionable."'
Given I am 99% certain Steam will not be storing my password in a compromisable way,
From what I understand, these passwords (and the accounts they are linked to) are in a usable form to whoever is buying the lists.
2FA protects you, but changing your password isn't a bad idea (and should be done on a regular basis anyway).
Latest NIST guidance no longer recommends password rotation, except in the instance of a suspected system compromise. Regularly forcing users to update passwords leads to more insecure storage mechanisms and passwords as users just recycle new versions of old passwords.
I hear that being said, but how? If Steam is following best practices of the last several decades, which I'm sure it does, it doesn't have the passwords in usable form.
Nothing in either the news post or the linked tweet suggests that passwords are even involved.
You should never think hashed passwords are safe by default. Your password strength is probably the strongest factor in whether or not they can crack it. Your "hunter2" password can get cracked in a second.
Well, no, but if they were plaintext it wouldn't matter what they are. Regardless, I'm sure they are hashed and salted, and I'm not worried about my unique 64-character password being compromised by a dictionary attack.
No problem.
Everyone has 2FA enabled, right?
Right?