Valve is taking steps to enhance security on its Steamworks platform by introducing SMS-based confirmation codes for developers. This move aims to combat malware distribution through hacked publisher accounts [2], which has been a recurring issue in the past.


Valve’s decision to implement SMS-based confirmation codes on October 24 is a response to previous breaches where hackers compromised developer accounts and injected malware into game builds. These breaches have highlighted the potential for financial gain when infiltrators gain access to code repositories, DevOps tools [1], and cloud infrastructure [1]. To ensure the safety of game publishers and players [2], Valve is mandating the association of a phone number with a user’s account and implementing two-factor authentication for certain actions [1]. These security enhancements will be applied to Steamworks [1] [2], a set of tools and services used by developers to distribute their products on the platform [2].


By introducing SMS-based confirmation codes and implementing two-factor authentication, Valve is taking significant steps to enhance security on its Steamworks platform. These measures will help combat malware distribution and protect the interests of game publishers and players. Looking ahead, it is crucial for other platforms and developers to prioritize security measures to mitigate the risks associated with hacked accounts and malware distribution.