77,000 Steam accounts were hijacked each month and pillaged of their wizard hats, trading cards, and other imaginary items, Valve said in December 2015. At the time, Valve had just adding ‘trade hold’ delays to help stop people who’d been hacked or scammed from losing their goodies. Now they’ve tweaked security procedures again, including introducing holds on the Steam Market too.
I only use the Market to flog ‘trading cards’ then spend the pennies on imaginary wizard hats, but for some it’s a hobby, a way to help fund buying games, or even business.
The changes last year meant that folks who wanted to swap items over Steam Trading would have their items held for three days. This short period would give folks whose accounts were compromised (whether they were tricked into giving their password out or had it stolen) a little time to notice and put a stop to it before their items were muled away to be sold or traded on. However, traders could skip this hold period if they used the Steam Guard Mobile Authenticator, a two-factor authentication app which (in theory) keeps accounts secure.
Valve’s latest changes, coming into effect on March 9th, include adding a hold period to the Steam Market, the place where folks can sell items for spendable ‘Steam Wallet’ credit. Hold periods for both Trading and the Market are bumped up to fifteen days too. But, as before, this can be skipped if you’re using the Mobile Authenticator.
Valve really would like folks to use the Authenticator, see. Thousands of folks being robbed isn’t good for either the robbed or Steam. Not to mention that it surely creates a lot of work for Valve’s often-troubled customer service department.
This tightened security is going well, Valve say:
“Since the last account security update, we’ve made significant progress in protecting accounts. In addition to significantly increasing the size of Steam Support to improve response times, individual accounts protected by the Steam Guard Mobile Authenticator on a separate device turned out to be even more effective than we’d hoped. For customers who have yet to add the Steam Guard Mobile Authenticator, trade holds have been helpful in keeping items secure, and we expect that the added duration and extension of holds to the Steam Community Market will further improve security.”
As if you haven’t yet got the message that Valve really want you to use the Authenticator, the final change coming on March 9th is that Valve will no longer restore items that leave an account through Trading or the Market. They say it’s to stop duplication devaluing the item economy (yes, I know) but also, well, I suspect they’re sick of having to do it.
To recap: use the Steam Mobile Authenticator if you’re fussed about trades and market sales completing quickly. If you’re more casual about it, you probably won’t even notice this – unless you get hacked and Valve refuse to restore your stuff.