Where do programs like Steam/Origin/iTunes/Battlenet/GFWL store logins?

Avatar image for andythemez
#1 Posted by andythemeZ (69 posts) -

I'm doing a little spring cleaning on old PCs and hard drives. When I was a kid I made a bunch of different "EA", Steam, Xbox GFW, Amazon, and newegg accounts over the years, often with their own matching Roadrunner (!!!) email addy.

Of course over time I've forgotten my passwords, or the email used, or even the screen name of some of these accounts. Not too much worry, thanks to how MSRPs of games tank, I've rebought or received (PS+, XBLGold) most of the game purchases I lost.

But it would be nice to recover some ones, to get access to no longer for sale items, or things like my achievement score.

So, I have an old hard drive. On it I had installed things like Steam, EA (pre origin rebranding) DM, and Games For Windows, all logged in with those emails and passes I forgot.

By plugging in the external HDD via USB, I was able to recover things like my Mass Effect 2 save, my Elder Scrolls characters and installed mods, screenshots, in addition to my old MP3 rips and vacation photos.

As a Mac user nowadays, I know that apple stores logins for Apps/Programs in the same sort of chart it stores Safari web logins.

I'm wondering if there's an .ini file somewhere, either made by the program itself, or a mass one Windows makes for all your software, that I could open and read what my email and passes were for stuff like Steam and "Origin".

Muchos thanks for any help!

Avatar image for audiobusting
#2 Posted by audioBusting (2518 posts) -

I've never checked, but I'd be preeetty upset if Steam and Origin and the like store your password anywhere on the PC. I'm only aware of web browsers doing that unencrypted.

Avatar image for andythemez
#3 Posted by andythemeZ (69 posts) -

Wouldn't they have to if you auto login?

Avatar image for alphasquid
#4 Posted by alphasquid (126 posts) -

@andythemez: I would imagine auto login just bypasses the login, storing passwords locally on a hard drive would be pretty unsecure.

Avatar image for mekon
#5 Posted by mekon (426 posts) -

There isn't a reason to believe that there's a common method for storing details in old games on PC unfortunately. They could be held in a file (cookie/ini file/whatever) or in the Windows registry, it depends upon the people designing the authentication process.

Given the shitshow about security over the last few years, more recent gaming platforms are probably using tokens to identify you which are a long string of seemingly random characters. If it's anything like credit card processing, these would be generated by Steam (etc) once you have satisfied them that you're legit with your username and password (and eventually your device details).

If you get your password wrong too many times or go offline for too long, they can just blank their copy of the token details and ask you for the password again.

Avatar image for skullpanda1
#6 Posted by SkullPanda1 (1502 posts) -

I don't believe those PWs were stored locally on your machine. That said they're probably floating around somewhere on the darkweb as the result of some poor corporate security.

This edit will also create new pages on Giant Bomb for:

Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.

Comment and Save

Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.