New to Steem? Would you join us for day one of this 28-day Steem basic training program because inside is the best of what I've learned about how to be successful on Steemit including when do we earn money, how to keep our accounts safe, where do we go for help, and how do we make lasting deep relationships with people on Earth?
Introducing Steem Basic Training Day #1! What next after account approval?
If you've just got an email like this, as I did on May 20, 2017, saying that your Steemit account has been approved, you might be really excited like I was.
Each day of this basic training will focus on one critical activity to do that I think will be most helpful for you, based on my experience including what I've done right and all the mistakes I've made in my 6 months on Steem.
Therefore, for day one, what is the one thing that's essential to do on our very first day?
Most of the excitement I've seen starting out on Steem is about how do I make an intro post, earn money and build followers? That is too much to get started with. We will tackle each of these things one day at a time.
On day one there's something much more important that I've noticed my friends and family signing up often not paying much attention to.
Would you join me in seeing exactly how to do this because this may prevent a huge pain point in the future?
As soon as we get our Steem account, we get a link to "steemit.com/start" with some custom characters for each of us. This will allow us to set up our password on Steemit.
We will receive a password or have the ability to generate a password that is the master key to our account.
During day one, the most important thing to do is build or use an existing system to keep the password safe and to start immediately using these permissions or keys to sign in instead of the password.
I've noticed friends and family signing up not paying much attention to backing up the password or keeping it safe, and signing straight in as I did to Steem with the password.
On Steem our password is the master control to our account. If someone takes the password, that person has master control of our account and there's no third party who can definitely help.
Steemit may be able to help by recovering an account, but that's not something we want to bet our account on.
Steemit says that they cannot recover your password and I advise you to read these seven rules.
If we lose access to our account on Facebook we can just go, "Oops! I forgot my password. Send me another one through the email."
I've lost lots of passwords online and used the email recovery option. There is no email recovery option on Steem. If we lose the password, we lose access to our account. That is the number one risk factor for Steem.
The most likely possibility of something bad happening is losing access to our own account. What I recommend to prevent this and to build an ongoing security solution for all passwords is to use LastPass at lastpass.com.
My friend @robertgenito recommend LastPass to me which has helped me a lot with backing up and storing my passwords securely. LastPass is a vault where I store all or most of all of my passwords online except the password that opens LastPass.
LastPass allows us to just remember one really secure password and we can also set up two-factor authentication to provide additional security on our account, and then once we log into our LastPass account we get into a vault that has all the rest of our passwords.
I highly recommend using a password manager to back up, not only LastPass in terms of using it for Steem, and not only to back it up, but also to back up other passwords, because this will just speed up the sign-in process and allow for much greater security.
What a lot of us do is just use one or some basic series of passwords that if any of those passwords get out a hacker can easily crack almost all the rest of our accounts even if we use systems like adding ones or specific numbers or letters based on the website.
LastPass allows us to just generate secure passwords all the time and if one of our passwords to one account gets compromised that allows the rest of them not to fall down like dominoes or bowling pins.
With Steem, LastPass also helps us with not losing our password. We can have our LastPass account set up so that we can put our Steem password in LastPass, and then I also recommend an offline backup in case that LastPass goes out of business or all of a sudden goes down and the passwords aren't available there.
An offline backup will allow us to immediately change our password if something happens with LastPass. Therefore, it is critical to get the password to the account set up in a way that it will not be lost over the next five or ten, maybe even twenty years, because if at any time the password is lost and can't be recovered, we've lost access to our account.
Now, once we are confident that our password is both in a password manager and/or backed up in a secure method offline, then we are ready to start using permissions, which will allow us to sign into our account and stay signed in without having to even put our password in.
It doesn't do much good to have our password backed up in LastPass if we're then signing into steemit.com, if we're signing into other Steem apps with our password all the time because then someone could get a hold of our password as we use it on a day to day basis.
On Steem the password is the highest level of security, which means that if anyone gets the password to our Steem account, that password can then just be changed and we can be locked out of our account, and desperately hoping to get back into it by recovering the account, which is not at all guaranteed.
Therefore, the ideal solution to keep our account safe is to only sign in with the posting and the active keys as needed while keeping the password stuck either/or in a password manager and/or offline somewhere.
Once we've got the password stored securely offline and we've got a hold of our posting and active keys, we can then sign in and do everything on our Steem account except change the password and the keys without having to use our password.
Now, what you see below is the public key. What I have to do to actually use the posting key is to click "Show private key."
On the active key, I need to log in to show the private active key as well, and I will need the password to do that.
Therefore, on the very first time when setting and backing the password up, and signing in and out of the account with the password, I would grab the password and put it in LastPass, and then sign in and out of Steem immediately afterwards to make sure that the password in LastPass actually works to sign in.
Then, after signing in with the password, show the private key and log in to show the active key, and get a hold of the private versions of these keys. These are the public versions that start with "STM" and the private versions will usually start with a "5."
Now, those keys are essentially lower level passwords. Those lower level passwords should also be backed up in something like LastPass or kept offline, but something like the posting key should be available for convenience. You want to be able to easily use the posting key to sign into Steem anywhere. The posting key is what I use to sign into steemit.com.
The private posting key, which is available by clicking "Show private key," is what I use to sign into steemit.com and that's what I use to sign into other apps unless the apps need the active key.
The active key has greater permission than the posting key.
The posting key allows for making posts, comments and votes. The active key allows for transferring funds and for powering up or down and voting for witnesses.
The active key may be needed to sign into some apps. Therefore, all we need are the posting and active private keys to sign in and out of our Steemit accounts on steemit.com or to sign into our Steem account on other apps.
Therefore, on day one the only thing that is critical to do right after we've got access to our accounts is to get our password, back that password up, get a hold of our permission keys, get those private posting keys and active keys and start signing in and out of Steem with those keys.
Once we can verify, we are able to sign in and out of Steem with the posting key and the active key, and once we've verified our password works to sign in and out of our account wherever we've backed it up, then we stop using our password. We do not use our password anymore to sign in and out.
The only thing we need to use our password for is if we lose our posting private key or our posting active key, we can't remember them and can't sign back in, but if you are using a password manager that shouldn't happen.
Or, if you think the posting or active key have been compromised, then you can go in and change the password, which will change the posting and the active key and remove the ability of those old keys to do anything.
Day one is all about account security.
You want to get account security right from day one because it's much easier to start off and do account security right from day one than it is to suddenly discover as I did after two months of using Steem that I was signing in with my password to everything, and that I very easily could lose access to my entire account if someone else anywhere got a hold of my password.
I then changed my password to prevent anyone with the old password from being able to get into the account within 30 days and now since then, I use the posting and the active keys as the only things I use. I haven't signed in with the password in months.
I hope this has been extremely helpful for you in getting started and once you are comfortable signing in with the posting key and/or the active key depending on where you want to sign in, then you are ready to do day two.
The posting key is the only thing that should be needed getting started, but you want to also have the active key available for things like witness votes or other apps.
Therefore, in summary, to complete day 2, you will want to have the posting private key ready to go and be signed into Steem with the posting private key.
Thank you very much for reading day 1 of "Steem 28-day Basic Training" here with me, Jerry Banfield.
I hope this has been helpful for you and if you've enjoyed this, I hope to see you in day 2 of "Steem Basic Training."
Thank you for reading this blog post, which was originally filmed as the video below.
If you enjoyed this video, would you please leave a like on it because that's how I'll know to do more videos just like this.
If you found this post helpful on Steemit, would you please upvote it and follow me because you will then be able to see more posts like this in your home feed?
- Facebook page with 2,232,245 likes.
- YouTube channel with 215,427 subscribers.
- Twitter to 104,008 followers.
Our Most Important Votes on Steem are for Witness!
Would you please make a vote for jerrybanfield as a witness or set jerrybanfield as a proxy to handle all witness votes at https://steemit.com/~witnesses because 100% of my witness earnings pay for ads that will help promote Steem for years? Thank you to the 2100+ of us on Steem voting for me as a witness, the nearly 1 million dollars worth of Steem power assigned by followers trusting me to make all witness votes through setting me as proxy, and @followbtcnews for making these .gif images!
Let's stay together?
- If you want to stay updated via email, will you sign up either to get new emails daily at http://jerry.tips/steemposts or join at http://jerry.tips/emaillist1017 to get an email once a week with highlights?
- If you would like to build an ongoing relationship with me online and help me get to know you, will you please choose a reward on Patreon at https://www.patreon.com/jerrybanfield and join the discord server afterwards because I check discord daily for new messages and host voice calls once a week for partners and clients?