Product codes for games (and other products such as films, software, and the like) on Steam can now be activated outside of the client as reported by Steam Database's Twitter.

Although Valve's digital distribution service allows users to purchase products directly from their stores, there are a number of third-party sellers that will simply provide a product activation key for users to input into their client. Physical copies of games may also include such a code, sometimes with a disc to allow pre-installing of content in order to spare the customer from having to download gigabytes of data.

Previously, the only way to activate such keys was by going into the client, selecting "Games" at the top menu, and then choosing "Activate a Product on Steam". Users would then be prompted to accept an EULA, input the code, verify it, and accept any additional EULAs or terms that may be required for that specific product. The product would then be added to your account and you could opt to immediately begin installing it. That is no longer strictly necessary; you can now activate a key through a page on the service's website (requires login):

Steam customers can now register their product codes directly through the Steam website and bypass the client entirely.

Although Valve does publish an app for their digital distribution platform, it is still not yet possible to activate product codes through this particular portal. Even so, the ability to do so through a website means that users will have an option for activating product codes while they're away from home other than remotely connecting to their desktop PC.

This addition comes after some controversy regarding Valve checking more stringently on key code requests to crack down on 'fake games' that led to some developer concern that Steam may limit the sale of keys. Hopefully, further improving these features for it helps further assuage concerns.

What do you think of Valve adding the ability for users to activate Steam Keys via Steam's website? Are you concerned that this may introduce a layer of vulnerability that might not exist with the desktop client? Let us know in the comments below!