Very much against I mean what if you want to play on 2 different locations for instance your pc and Steam deck on the go? Also tied to your pc what if you just bought a new pc?

Steam is already more secure than some banking apps...

Just make sure you got the 2FA enabled and don't enter your credentials anywhere else but Steam.

Oh, and, as usual with the internet... Be careful of what you do and download... You certaintly don't want a little spy in your computer. In which case Steam would be the least of your worries.

引用自 Emperor Cordon：

I think that a password protected feature to make it so that steam purchases can only be made from a specific location/device/time, to avoid unwanted transactions occurring if indeed your account does become compromised.

Accounts are already password-protected, adding another password to that will not resolve the first issue of users providing their account information to others.

Unwarranted. I have currently two computers.

Not to mention this is what Microsoft tries to do with their Windows Operating System. Your suppose to only have 1 Windows license per machine. Can you afford to pay Microsoft an additional $200 per machine to install Windows?

If someone gets into your account, that means they have everything they need to shut off any extra protections.

So adding more won't help.

引用自 Emperor Cordon：

I think that a password protected feature to make it so that steam purchases can only be made from a specific location/device/time, to avoid unwanted transactions occurring if indeed your account does become compromised.

Keeping your account secure already accomplishes this. And ultimately anyone with access to your account could potentially remove that lock. Not to mention, anyone with access to the account can use that access to trick a person to thinking that they're a Valve employee and thus manipulate them into disabling it or providing the authentication. In short it might be more security theater than security.

And all these schemes that amount to, "I think this will allow my account to be compromised but I'll still be safe from harm." Are not a better solution than keeping your account secure in the first place.

The question is how do you unlock such a feature. You have to unlock it eventually. How do you do so that the enemy cannot do the same? Password would not work, they have your password.

If purchasing is the vector to defend a simpler suggestion is for Valve to force app approvals for purchases. They already do so for sales and I still think it strange they do not do so for purchases. Valve already institutes defenses after the account is lost for sales but not purchases. Strange priorities.

引用自 Emperor Cordon：

I think that a password protected feature to make it so that steam purchases can only be made from a specific location/device/time, to avoid unwanted transactions occurring if indeed your account does become compromised.

If the account becomes compromised, anything that you can do to set up protection, the hijacker can undue.

Maintain security of your account. There is no better protection.

引用自 William Shakesman：

The question is how do you unlock such a feature. You have to unlock it eventually. How do you do so that the enemy cannot do the same? Password would not work, they have your password.

That's why the actual 'lock' is your account credentials.

引用自 Tito Shivan：

引用自 William Shakesman：

The question is how do you unlock such a feature. You have to unlock it eventually. How do you do so that the enemy cannot do the same? Password would not work, they have your password.

That's why the actual 'lock' is your account credentials.

And of course sometimes your second MFA factor

If they added physical 2FA tokens, you'd be able to lock your purchases to that, but they still refuse to support those for some reason.

引用自 WoJo ©：

If they added physical 2FA tokens, you'd be able to lock your purchases to that, but they still refuse to support those for some reason.

Likely the reasons stated in the other topics. Op is wanting to stop unwanted transactions, this is achieved by not providing account login info along with 2fa codes. If someone is providing their login credentials no piece of hardware will improve that person's common sense.

The best way to avoid unwanted transactions is not to use your steam login outside of Steam.

You're all missing a critical point, it is a backup system, that would not use the same password. I dont know why people do this, its probably argueing for the sake of argueing, but the idea isnt negative, none of the points any of you have provided me show that it is in any capacity. All they function to do is try to show that its less of a good idea, which at the end of the day helps no one, and makes a fool out of both of us.

引用自 Emperor Cordon：

You're all missing a critical point

We get the point very well

to avoid unwanted transactions occurring if indeed your account does become compromised.

Which again can be done by not providing account credentials.