Watch out for compromised steam accounts!
Watch out for compromised steam accounts!
Avoid sharing your login info across any platform—this isn't limited to Steam. They deserve credit for providing it voluntarily. By 2020, it’s clear they shouldn’t be pressured into giving away details through promotions or giveaways.
users frequently connect their accounts, clearly posing a major security threat. You should question why this happens. This isn't limited to Steam—it's becoming standard across most platforms. Linking accounts is often done casually, with minimal verification, making it risky. It seems many users don’t realize they’re sharing their credentials.
Most genuine platforms handle Steam integration by issuing just a basic token. This confirms your account without adding extra details. Ideally, it should verify your identity simply. Anything asking for more information beyond your account is likely not trustworthy.
Linking accounts means you’re only allowing the service to use a token for access; your real login details aren’t shared. The permissions and revocation process vary by service, and some tokens come with a set expiration date.
It’s true that such setups usually don’t work as intended. For instance, connecting my YouTube account to Steam would require Steam to link to YouTube, then prompt me for my password—only after entering it would the accounts appear connected. I’m certain it’s not a scam because it actually functions and lets me view my videos through Steam now. The only reliable sign is that I can access them afterward. From what I remember, checking the login URL isn’t always visible or clear, and it often just displays a generic message saying “we are YouTube.” The same applies to GeForce Experience; there’s a Google log-in screen, but no actual link or browser session to verify it’s the site in question. Once I’m logged into an app, this kind of token-based process disappears, leaving only uncertainty.
Revisit the details carefully, as there isn't always a direct browser connection. Many services operate this way, requiring you to enter your credentials into a hidden interface. This situation shouldn't exist, yet it does, posing significant security concerns. Companies like Google and Steam often overlook such risks, making it the only method for linking accounts in some cases—like with GeForce Experience. Simply switching browsers won't resolve the issue.
-> Moved to PC Gaming This is hardly anything new or special. So no reason for it to be in General Discussion.