Question about having your password stolen.

#1 Edited by Mikemcn (6959 posts) -

Today was a bad day, after having someone back into my car at 30 miles an hour this morning I was a little distracted.  So when a friend sent me a link to what I thought was a steam community page I didn't have any hesitation in logging in. Then I realized that friend had no idea what the link was and thought his account had been stolen, then I took a second to check out the site and realized the domain (valvecommunity.co.cc) was not affiliated with Valve in anyway. The page was brilliant in that it looked like the steam page in every single way. It had the same ads, the same store page with moving pictures and up to date info, I honestly think you could get as far as giving them your credit info, to buy a game before it would reveal its hand.  
 
So i've since taken all the normal last ditch efforts to keep my account from getting stolen, changed my password, run a couple virus/phisher checks. I've hesitated to send in a support ticket yet since nothing on my account has really changed yet, but when it does I will. But I have a question... 
 
I changed my password, but obviously that isn't enough, but I can't understand why, they can't log me out of my account because I know the password and any further changes would have to be verfied through my email address, which also can't be changed without verifying through that same email.  What does using my password do for them? 
 
Edit: I know this seems like a steam forums question, but im just generally curious and I'd rather not fiddle with any steam related logins right now. 

#2 Edited by KaosAngel (13765 posts) -

This thread made me realize that one stupid  mistake can ruin my entire catalog of games I bought from Steam.  -_____- 
 
Steam should start to use the same Authenticator that Blizzard and Google uses.

#3 Edited by Mikemcn (6959 posts) -
@KaosAngel said:

" This thread made me realize that one stupid  mistake can ruin my entire catalog of games I bought from Steam.  -_____-  Steam should start to use the same Authenticator that Blizzard and Google uses. "

How does their's work? And yea, one moment of weakness can really screw you over. Theoretically if it does go bad I can recover it since all my games have been bought through paypal which should have records of all the things I bought. 
#4 Posted by KaosAngel (13765 posts) -
@Mikemcn: You have to push in a 10 digit code before you log in Steam, your mobile gets a code and you need to type it in about 30 seconds or it gives you a new code.

This edit will also create new pages on Giant Bomb for:

Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.

Comment and Save

Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.