questionshas anyone gotten their steam account hacked?

vote-for8vote-against
vote-for4vote-against

@mtrgrl: I'm going to provide a couple of wikipedia references, but I suspect that they aren't going to be helpful. There are certainly simple ways to explain this, but I need to think about it. Maybe someone else will show up that will make a better effort than this. Here's a start, though.

http://en.wikipedia.org/wiki/Salt_%28cryptography%29
http://en.wikipedia.org/wiki/Cryptographic_hash_function

Although there are many meanings for "hash" that are relevant there, the one that's most applicable is the discussion in the second link. I'm going to look at some references, and see if I can come up with a brief explanation in English that will still be helpful. Please note; I have not read the article, but I felt sad that no one had answered your question.

vote-for3vote-against

@shrdlu: Thanks for the info and for having pity on me :) I have been told to "ask better questions", but can't seem to come up with any good ones. It was a very off topic subject, but I figure there are some Steam users here who might respond. I took my chances.

vote-for4vote-against

I mostly put this up to inform people who might not have been on Steam in awhile that it had been hacked and to check your accounts, but since it had to be phrased like a question, this is what I came up with. If only I had asked the "what to add to macaroni and cheese" question. sigh

vote-for3vote-against

@mtrlgrl: I'm just annoyed with myself that I left a letter out of your name (so you didn't get an email that I'd replied). Cryptography is hard to explain, or at least I'm not good at explaining it.

Yeah, I'd heard elsewhere about Steam being hacked, but I know zero people affected. Makes me wonder how many people actually were.

Oh, and please ignore that stupid moronic pointless hints. Things aren't working right of late in any case (if they ever did). The top voters (for example), was frozen for days, fixed for one, and now has been broken for another two or three. That's just one example. Don't pay any attention to hints. It's not like it really makes any difference as to whether you have a black triangle, and I've seen some pretty seedy characters that have them now.

You're okay by me. Surely that counts for something. ;-}

vote-for3vote-against

@shrdlu: That counts for a LOT, believe me! Thank you. I did read the links and figure, on my own primitive level of thinking, that when you "salt" a password, it can keep it from being "assaulted", or hacked. Is that right?
I will disregard the hints, but I hate slipping down to purple. It is psychological, I know. I guess on a site of colored triangles, the color-blind person is king/queen.

vote-for2vote-against

@mtrlgrl: I just saw this reply. No, that's not what salt is. I'll come back to this later, probably tomorrow, and try to give you a decent answer, in regular words. I'm off to an antique auction today, and that has (and will) occupy me almost totally until then. No worries, no need to reply, just hang in there, and I'll be back.

:-D

vote-for2vote-against

shrdlu is right in saying salt and hash are difficult to put into layman's terms but I'm going to try.

A hash function when applied to a password takes a variable length string (your password) and runs it through an algorithm that creates a fixed length string (the hash). This string is then stored in the database as your password instead of your plain text password. This way if the database is compromised the hacker doesn't have a full list of everyone's passwords.

The salt function adds a little more security to this. Before the password is hashed the salt function generates a random sting and appends it to the password. This way even if you have 2 users with the same password they will each have a different salt (random string) applied to their password so the hashes will be different. You also have to store the salt used for each password so you can properly validate the user's password when they log in.

I could go on more but I'm down to 35 char, no 23, um it keeps changin

vote-for1vote-against

yup, had mine hacked about a year ago. Royal pain in the rear end, but Steam was pretty quick about it and got my account fixed (Didn't hurt that I had complete documentation of every purchase I made through steam in the past 5 years to provide evidence in my case).