vindisel

The account is banned only if you use the qr login with the mobile app, because it is physically impossible to log in to the mobile app using the qr, and Steam detects this

I am also finding that exclusively logging in with .WebBrowser (and not .MobileApp) and using a non-default User-Agent (just pull whatever your current browser uses) works.
 
Account now is blocked from selling for 15 days, but at least I can play on VAC servers.

if you're only using node-steamcommunity, I don't think you need much ram but for rate limit, YMMV.
I used to run 50 accounts, 10 of which has a steam-tradeoffer-manager instance and the rest only steam-user and steamcommunity, running in less than 500mb.
Fetches inventory every 10 minutes for all initiated accounts,
Fetches boosterpack catalog every 10 minutes for all initiated accounts,
Fetches badge data (1 every 30 secs)
Internal stock balancing.
Not using any proxy.
 
Nodejs, pm2, ASF, nginx in a 1gb droplet. 

Hi there,
 
Created an account and replying to say I'm also experiencing this. Starting Sunday, I logged in using a QR code that I scanned with the Steam Authenticator app. I was then flagged for "compromised account". I went through their flow to reset my password and figured all was good so I logged in again with QR code. Flagged again. This time they did a big reset and I even had to remove and re-attach my Steam Authenticator. I tried one more time and my account got flagged and that's where I'm stuck right now. It's a big pain because it prevents me from joining friends.
tl;dr: something does seem broken when using QR codes to log in
 
@vindisel I found in the github why your EAuthTokenPlatformType.MobileApp shows up as [Samsung] Galaxy S22: https://github.com/DoctorMcKay/node-steam-session/blob/a4300c954c7dc0e4b15c6ff033e4484c70837a0f/src/AuthenticationClient.ts#L417
Basically anybody using .MobileApp as their type gets considered to be an S22. My original login method was also using .MobileApp.
I'm currently trying to change .MobileApp to .WebBrowser to see if that does anything, because since I'm running my code on a server it's not actually a MobileApp. Maybe Valve is cracking down on "wow there's a lot of people doing bot things from S22s"? I'm also going to provide a userAgent from my current browser, in case that helps avoid this automatic flagging.

It wouldn't hurt to clusterize things, but either way things should generally work fine without need for much hardware.

I don't know offhand.
Yep.