Easy way to protect your Steam account from Hijackers.

Hello everyone. As the title says there is one really easy way. You don't need any special anti-viruses or even clicking on phishing link your account will be protected. As you know your steam account is all about e-mail, if the hijacker finds out your email username and password, not even steam guard will help. So heres how it is..

It works for gmail users only, if your e-mail is diffrent, just create new one and change as main email in steam settings.

So the trick is just to active 2-step verification. When you login into your e-mail a code is sent to your mobile phone/android. When logged in your email you can disable the protection on the specific computer for example home. So yeah that's it. I have been using this for about a year now. I had few times some sms that somone is trying to get to my e-mail, but nothing they can do about it, the code is in my phone and without it they can't do nothing.

Hope it helps, thanks

Phishing nowadays works totally around the email, they don't need it, they get ppl to provide the steamguard code in on a site under the ruse they must activate their browser for steamguard. That steamguard code gets send to their bot that logs in automatically, and once logged in, victim is logged out of his account, the items get traded and he's another victim. Then with the activated steam client, they can change the linked email (without steamguard requiring another confirmation), and then change everything, without ever needing to log into their email.

So the trick is not really relevant imo. If you had read my guide on email, you'd be a bit wiser on them:
http://forums.steamrep.com/threads/general-e-mail-security-considerations.17308/

I see, thanks for the additional information. Besides phishink links the things works really great.

also, best way to avoid phishing links is using OpenDNS

Thank you so much! A week after I did this, someone tried to get a hold of my account!

i can add an extra tip,

use a "dummy account" just a random ammount of numbers&letters as name and pass, if the site asks for a code you can be 100% sure its a phishing site

Doesn't G-mail already ask you for a phone # verification code when you create your account?

that is optional.

oh really? I did mine just in case