Fixed device ID format not matching that of Steam's

[shravan2x]

I notice that the device IDs generated by SteamAuth are basically 40 random characters, which does not seem to be the format that Steam uses. Steam uses 32 chars separated by a '-' after 8,4,4,4 and 12 characters. Also, Steam's device IDs are in lowercase.

SteamAuth device ID example : 8248AC9BDA58618725404B88B121B5070F2A9C25 Steam device ID example : 71f62b82-05a4-2b82-2b82-2b8205a4e333

This should all be fixed in these commits. Feel free to test it again.

This pull request fixes #20.

[aaa4xu]

Steam blocking trades when changing deviceId?

[shravan2x]

Could you provide proof of this?

I have tested it and it seems to work fine. The newly implemented format also matches that which the android app uses.

Further on, you have the option to use your your own device ID. Just set it in your SteamGuardAccount object and that will be used instead. A new one will only be generated if it does not already exist.

[aaa4xu]

No, no, it's a question. Can i "change" my deviceId from old format to the new one without trade block?

[shravan2x]

Absolutely. But to remain on the safe side, just go ahead and continue using your old one. Just set the SteamGuardAccount.DeviceID property to your existing one after you create the object.

[aaa4xu]

For information: just checked device id on my phone - this different from sample from first post. It looks like this: android:00-00-00-00-0000-00000-0000-000-00000000-000-00-000000 (digits instead all zeros).

[shravan2x]

Hmm, that's interesting. Perhaps it's region based. May I know the country where your authenticator was enabled?

For the moment, I'm going to leave it as it is as I feel 32 chars is just more likely to be than either 40 or 43. (Let's face it, cryptographic keys and powers of 2 just go hand in hand).

[pipe01]

Where can I see my device id?

[shravan2x]

The only method I can support is monitoring requests. It should be the 'p' parameter on confirmation-related requests. (I prefer fiddler, but feel free to use WireShark/whatever else)

[pipe01]

While searching steam app data on my phone I found a steam.uuid.xml file that contains this: android:0d43c868-5754-4491-9688-9ec213cf33dg Is this something completely different or has it got something to do?

[shravan2x]

Yup, it's the device ID. As you can see, it follows the format I had mentioned above.

Note : I strongly discourage posting your actual device ID here. I hope you switched some chars.

[aaa4xu]

I'm from Russia. Ok, i think, my format is related to the fact that I attached authenticator 63 days ago, perhaps, during this time, device id format is been changed.

[pipe01]

Oops, I though the device I'd wasn't important at all.

[shravan2x]

That is possible. Either way, I've noted this. I'll investigate further when I get more information.

[shravan2x]

The device ID isn't necessarily private per-se. I just follow a policy of keeping private everything except that which Steam publicly releases.

All this being said, it is possible that Steam could start checking device IDs in confirmation-related requests in the future, and having made it public would just lower your account security by one layer.

[pipe01]

Oh, that's something I didn't think of.