0
3

[–] aileron_ron 0 points 3 points (+3|-0) ago 

Roughly 77,000 poor passwords and no 2 step authentication. People are lazy and should use random hexadecimal , alpha-numeric characters and change it at least every 60 days.

0
3

[–] 7538266? 0 points 3 points (+3|-0) ago  (edited ago)

Couldn't it also be dummies giving away credentials? No need to brute force something when it can be freely given or traded.

Seems like Valve would have some velocity limits preventing a lot of the brute force techniques anyway, but I haven't checked for that.

0
0

[–] aileron_ron 0 points 0 points (+0|-0) ago 

Your correct, Some use birthdays as passwords. And I've seen a fake steam email asking to confirm your log in information.

0
1

[–] lerthe61 0 points 1 points (+1|-0) ago 

I use 35 symbols, random generated password. Did not change it for years. So I wish patience and good luck for anyone who will try to brurtforce that ;)

0
0

[–] aileron_ron 0 points 0 points (+0|-0) ago 

I use GRC.com Perfect Passwords, Some sites only let you use say 8 or so characters but it still does a good job.

0
0

[–] Gorillion 0 points 0 points (+0|-0) ago 

I thought the three-word combo thing was the new unbreakable code?

0
0

[–] rwbj 0 points 0 points (+0|-0) ago 

Hahah, that terrible comic also irks me to no end because it's trying to sound clever while pushing people to do something very very stupid. People will not choose even remotely randomly. Take the 100 most common words people think of and you'd have the dictionary some absurdly huge chunk of the population would use. And that's a total search space of 1003, or a million, which means it's trivially brute forced. The only thing that might make it a decent idea is security by obscurity. Nobody does that and so no brute force attack is going to have 'dragon pussy shadow' (3 of the most common words for passwords - seriously, we all clearly invoke our 13 year old boy when thinking of passwords) in their dictionary.

0
0

[–] aileron_ron 0 points 0 points (+0|-0) ago 

It's been a few years sense I left IT but something like John the Ripper could crack a three-word combo with ease, I'm sure hackers today has better tools. I have a wifi pineapple that I just turn on and by itself cracks passwords in no time.

0
0

[–] derram 0 points 0 points (+0|-0) ago 

https://archive.is/yrD4h :

Steam: 77,000 accounts hijacked every month - Business Insider

'Around 77,000 Steam accounts are â\x80\x9chijacked and pillaged each month,â\x80\x9d Valve said in a Wednesday news post. '

'Basically, Steam Trading lets people trade games, in-game items, and virtual cards that are stored in your Steam account. '

'But on Wednesday, Valve, which runs the Steam store, announced account theft has become an epidemic. '

'Valve said itâ\x80\x99s considered removing trading entirely, which was the easiest solution even though it generates revenue for the company. '

'But unfortunately, this system has made it easier to steal from other users, and more difficult for Valve to protect its Steam customers. '

This has been an automated message.