I recently read an article about "bloodystealer" and got to thinking I should better secure my Steam account. It seems the universal answer (short of not downloading cracked games or using questionable links) is to use Steam Guard, with the 2FA using an app on your phone.
I have an iPhone11 which is up to date, Bluetooth is always off, but I take the device everywhere with me, and consequentially I occasionally connect to some networks that likely have some less than ideal levels of security. Furthermore I also recently read an article about how using 2FA for your bank is not particularly safe because somehow an attacker can spoof your phone and get all your texts mirrored to them.
My concern is that on this device that goes everywhere I will have entered my steam password into the very app that supplies the codes needed to log into my account. So if my phone ever got compromised than how is that any safer than just having email verification on my home system which never connects to anything other than my router via cat5 cable? I mean if it's not safe to use 2FA for my bank accounts, which I never enter the passwords for into my phone, then how is Steam Guard any better?
I understand iPhones are less likely to be infected by malware, but there also doesn't seem to be a way to easily tell if my phone already has any malware or a keylogger on it.
I have Kaspersky on my big system, and long complicated passwords on my steam account and the email connected to it.
So what am I missing? What's the case then for why it is so much stronger?
I have an iPhone11 which is up to date, Bluetooth is always off, but I take the device everywhere with me, and consequentially I occasionally connect to some networks that likely have some less than ideal levels of security. Furthermore I also recently read an article about how using 2FA for your bank is not particularly safe because somehow an attacker can spoof your phone and get all your texts mirrored to them.
My concern is that on this device that goes everywhere I will have entered my steam password into the very app that supplies the codes needed to log into my account. So if my phone ever got compromised than how is that any safer than just having email verification on my home system which never connects to anything other than my router via cat5 cable? I mean if it's not safe to use 2FA for my bank accounts, which I never enter the passwords for into my phone, then how is Steam Guard any better?
I understand iPhones are less likely to be infected by malware, but there also doesn't seem to be a way to easily tell if my phone already has any malware or a keylogger on it.
I have Kaspersky on my big system, and long complicated passwords on my steam account and the email connected to it.
So what am I missing? What's the case then for why it is so much stronger?