Perhaps the logical protocol is store the password at all times, but demand the end user type it in 10 times. After that, if he's still not reacted by changing the password, simply start using the memorized password without demanding login info.
Obviously it would be stupid to actually store the password locally for security reasons, but the actual implementation of asking the steam servers for a token of some sort and then presenting the token in place of the password would work just as well. May as well time limit the token and demand you log in every six months.
Obviously it would be stupid to actually store the password locally for security reasons, but the actual implementation of asking the steam servers for a token of some sort and then presenting the token in place of the password would work just as well. May as well time limit the token and demand you log in every six months.