My Steam account has been stolen, but I recovered it recently. I need some advice on how to protect it. (2023 post made in r/counterstrike, but it was deleted)
For some background, I'll tell you how it got stolen.
I'd like to point out that my phone in in "Do not disturb" mode every time I play video games. This will be important later.
So I was playing Competitive on Inferno when I suddenly got disconnected, and the cause of disconnection appeared to be "Not logged into Steam". I was confused, because I've logged in just before I started that Competitive match. I closed CS and opened Steam, where I was greeted with a "Log in" window. I inserted my information, but it said that the password was incorrect. I thought that I must have made a mistake in my password and tried again. Same result. I was annoyed with this and decided to log in with a QR code, but when I opened Steam on my phone, I was greeted with the same "Log in" screen. "What the f?", I thought. I turned off "Do not disturb" mode and saw that I've missed three or four notifications from my email. I would ignore them if they weren't labeled "Steam support"(Tgey were). I quickly checked the email address to be sure it is not fishing, then I began reading. First one said that my Steam Guard authenticatir was successfully deleted, second one said that my Steam password was successfully changed and the third one said that the email address, connected to my Steam account was successfully changed. At this point it wasn't hard to realise that my account has been stolen, so I took immediate actions. I quickly froze my account
For those who don't know, freezing a Steam account disables performing certain actions, such as buying and selling stuff on Steam Market, trading, adding money to the Steam account and palying on servers where the VAC anti-cheat is active (in every game from Valve). The account can be unfrozen only by entering a code that was sent to your first email (ever attached to Steam).
Now let's get back to the story.
After I recieved a message that the account was successfully frozen, I reported my account as stolen and provided all the information that might be useful for this case. All I had to do after the report was sent is to wait.
Fast forward to the next evening.
I opened Epic Games to play some Fortnite and saw that they are giving away the game I've been wanting for a long time. I grabbed it abd opened my email to see tha receipt for it, and then I saw it: new message from Steam support (strangely, I haven't received any notifications for it). It said that my Steam account password was successfully changed and the login and the new password were further in the message. I cooied this password and tried it. It worked. They even attached my email back to my account. All I had to do after this is to set tge Steam Guard authenticator and change the password. But there is one strange circumstance: my accoun wasn't frozen for some odd reason.
My friends advised me to reset my API key, but I don't understand what it is, nor do I know how to reset it. Also, are there any more ways I can protect my Steam account, except the Steam Guard authenticator?