FANDOM

A FANDOM user
  Loading editor
  • I have not reverted your edit to the "Hosting a Dedicated Server" page, but I would like to clarify that it is not against "Steam policy" for third-party apps to ask for a Steam password. Third-party apps are entirely within the Terms of Use to ask for authentication through Steam, and in most cases this authentication is necessary for the app to work.

    What apps are not allowed to do is intercept and store the end user's Steam password on log in.

      Loading editor
    • Hi MoltonMontro,

      I appreciate you reaching out.  I am certain, however, that no 3rd party application should ever ask for your steam password.

      Steam is down at the moment, but when it's up I'll link the cached page I'm looking at.  You should never use your Steam password outside an official Steam website or application (that's Steam applications; not apps that use Steam).

      Game server administrators (and developers) do not need your Steam password to integrate your Steam login into their game; there's an entire API that uses Steam IDs to authenticate yourself on the server.  Authenticion does not require the 3rd party app to have your password.  Steam will never give it away, and you should never either.

      Any application that is requesting your Steam password is violating their policy, and is likely a scam.

      Please, never enter your Steam password anywhere other than in the Steam app (PC or mobile).

        Loading editor
    • Again, it is not against Steam's Terms of Service for an app to request a user's password. Some applications (e.g., programs that host a server for you) require a valid Steam login as they're acting as an intermediary between SteamCMD (requires a Steam login for some servers) and you.

      USO does not actually receive your password, which would be against Steam's Terms of Service. They also let users proceed without using a Steam account.

      ---

      Generally speaking, the main reason I don't think people should use USO is that the server setup process is not complicated enough to warrant using a third-party tool that limits your configuration options. It's quicker for people to manually host than to have the tool try and set stuff up for them.

        Loading editor
    • I'm sorry, Molton :) But you absolutely should never give your steam password to a third party app.  Applications don't need your password to authenticate on Steam; Steam does it for them.  In fact, if you have Steamguard set up, it won't even work as Steamguard requires 2 step authentication.

      It simply doesn't make sense that an application would ever need your password; how would it know if your password was correct?  Authentication is done using Steam as the intermediary, as Steam only can verify your pass.

      https://support.steampowered.com/kb_article.php?ref=1266-OAFV-8478

      The USO application directly asks for your password.  This is on their form in their application; not a popup or redirect back to Steam (which is the only place you should enter your pass)  This is absolutely against password policy for Steam, and any organization really.

      For example: You can use Paypal to pay across many websites, and when checking out your cart on these websites, it'll redirect you to Paypal to pay.  You would never give your paypal password to the website; instead it redirects you back to paypal (via a popup typically) and the URL you're putting your password into is Paypal's; not the site you're buying on.  Paypapl lets you login, and then communicates to the website that the login really is you, and gives them payment info (the website again never gets your password, not to store, not to pass through; they never get it or see it in any way).

      Facebook logins for comments and thumbs up, and Google logins work the same way on 3rd party sites.

      Authentication on Steam works very much the same way, but on your local machine.  If you write an application on Steam, you use their API to get the current user and use their ID within your application.  You never need their password.

      Active Directory authentication on third party applications works much the same way.  This is how authentication is done these days.

      Now, I'm speaking as a software developer (corporate stuff, nothing as fun as writing games :) ), but I strongly suggest you reach out to Steam and get confirmation from them for you own benefit.  It is critical you understand how passwords work, here on Steam and everywhere else.  Phishing is common, and misinformation on things like this is how they get their target.

        Loading editor
    • A FANDOM user
        Loading editor
  • Heya, I'm the admin for the Unturned Bunker Wiki and I'd like to welcome you by saying thanks for your edit to the Hosting a Dedicated Server page! If you need help with anything or just wanna say hello, feel free to contact other wiki staff or myself here.

    For tips on getting started, check out the community hub page.

    Information, general discussion, and community activities can be found on the wiki forum.

    You can also explore the user blogs to start or join discussions.

    The monthly poll and major wiki updates will be posted on the main page.



    hi. (This is an automated message.)

      Loading editor
    • A FANDOM user
        Loading editor
Give Kudos to this message
You've given this message Kudos!
See who gave Kudos to this message
Community content is available under CC-BY-SA unless otherwise noted.

Fandom may earn an affiliate commission on sales made from links on this page.

Stream the best stories.

Fandom may earn an affiliate commission on sales made from links on this page.

Get Disney+