Steam 2FA on Linux

I hate having Valve’s Steam app on my smartphone and only use it as 2FA, but I don’t know which FOSS alternative is best and most secure, if it’s even possible to be secure.

So far I only know of these:

Can you recommend something better or give any advice?

Several KeePass clients actually handle Steam 2FA natively! KeePassXC for desktop should handle it (Just add TOTP to an entry and select “Steam Key”)

How to obtain secret key?

1 Like

Follow the guide from the link here up to step 2.
I was able to do it on Wine through Linux.

For Bitwarden, you have to put the code in as this format.

For Aegis and KeePassXC just enter the code as is

For KeePassXC, now on keepass click on you steam account entry
and then on the menu bar click on “Entries” >> TOTP >> Configure TOTP

I assume this is less secure than a separate app though right? As if someone manages to get into your KeePass database, they not only have your passwords, but also 2FA codes.

@Henry or @privacy_parrot Do you know if it works with yubikeys? @Bird and i may do this if so this is something i never really thought was possible

Edit: Was brave and tried it… and it works! (at least for the steam gaurd code :smiley:)

Edit 2: Keep in mind that you still cant do things like confirm trades this way! So make sure to set up the encryption after you are done to keep it secure and keep the app around for the just in case factor

(And i also fixed some typos :wink: )

I mean it depends.
Steam isn’t a security app at the end of the day, none of the company’s that use 2fa are.
Kinda like storing your passwords in the browser. Just keep multiple back ups, make sure a password used is longer then 12 characters and is hard to guess and possibly biometrics (but I wouldn’t).

I leaned that the hard way haha, but I don’t trade so won’t do me much, and can be done again.
Glad to see it worked out my friend :grin: