Vlog #20: Secure your Steemit account by logging in with your posting 'password'.
There are so many new people coming to Steemit that I feel that security is more important than ever. I believe hacked accounts are not in the best interest of the Steem blockchain so preventing this is important.
As a new user, you have to realize that the Steem blockchain has no owner. So if your password gets stolen there is no one you can call or write to help you get it back.
The password that was sent to you when you made your account is the password with the highest permissions. Including changing that password.
I recommend that you don't use that password to log into Steemit.
It's possible to log into Steemit with a password that has lower permissions but still lets you post, comment, and upvote!
Logging in on a daily basis
It's possible to login to Steemit with passwords that give your account 'lower' permissions.
If these get hacked it's no problem because you can always change these 'lower permission passwords' with your 'highest permission password'.
On Steemit the password that gives you the lowest permission is called the 'posting' password. Also, know as the 'Private posting key'. With this password, you can only post, comment and upvote. Nothing else.
This is the password I recommend you log in with on a daily basis.
This is a picture I made to show you where you can find the 'posting' password. Before you do this make sure you have a good backup of the password that was given to you when you created your account.
If you have any questions about these keys I'll try my best to answer them for you.
Follow Me @exyle
Thanks for the tip. Never realized that.
On the other hand, if you want to redeem rewards, or upgrade your Steem to Steempower, you need the other key anyway.
Thank you! I forgot to mention the redeem rewards part. Thanks for pointing that out.
Thanks for explaining. Do you think some Steem is already locked in accounts, of where users had lost there passwords already and therefore that Steem will never be available anymore for anyone?
Yes, I think this is possible. If you can't login to your account then the funds are there forever.
Crypto and security go hand-in-hand. I'm definitely going to teach the Steemit key hierarchy to the users I invite. Thanks for the tips!
It's good information to know! and Thanks!
I definitely trust you @exyle that you know what you're talking about. But I wonder how many Steemit accounts are presently being hacked, if any. I know when I first signed on last July, many accounts (including mine) were hacked, but Steemit fixed the problem, returned my Steem, and my account was restored. Since then, I haven't heard of any problems.
I would take the steps you suggest but I'd be afraid to make a mistake, or not fully understand what I can and can't do if I make the change. For instance, can I still claim rewards? Or would I have to switch back and forth between passwords in order to claim them?
Just an example I come up with.
Someone installs a keylogger on your PC. You log in with the password that gives you the highest permissions. Now the 'hacker' has this password and can change the password of your account. You are locked out forever.
It's just bad practice to log in this way because it's not necessary at all.
Because you are more familiar with the platform I guess it's alright for you to log in with your 'active key'. This will give you all the permissions that you will ever need. And if this one gets stolen then you can always fix things with your owner key or the password they gave you when you created your account.
I hope this was clear. If not. please just ask.
EDIT
Just a sidenote. if you use the active key and it's stolen then any Liquid Steem / Steem dollars can be transferred.
OK...you convinced me...I'll try it. What have I got to lose, right? 🤔
Wow! I always logged in with the key I wasn't supposed to... Thanks for the info bro! Up!
Thank you!
Thanks for the tip! Did it right away!
Thank you!
Thanks for sharing important security tips.. will definitely follow them.
Thank you, man!
Securing the main password is a steemian sole responsibility. What I do is to back up all my passwords in My cloud drives and also a flash drive that is secured.
Thanks for this tutorial
A double (secured) backup is always smart! Good tip.
Dankjewel! So where did we recieve the "master password". Is that one sent to you in an e-mail? Signed on a few month's ago and don't really know where i left it.
You signed up in September 2016. I'm not sure if they sent a mail back then. When I signed up that wasn't the case yet (July 2016). So if you don't have an email it's the one you got when you created your account.
Thanks for this helpful post. Security is key. Resteemed.
It is sure a good thing to think about! It's really important. Thank you!