Spring Cleaning Steem Acccount to Avoid Hacker

in Steeming Community2 years ago (edited)


Hello Steemian! Lately we have been saddened by the news of hackers been busy stealing funds from our fellow steemian. We as active users in here also now in fear of becoming the next victim. Please keep on reading on how to keep your steem account safe.

How to keep your steem account extra safe?

It is recommended that you should do some spring cleaning to your steem account by checking all the dapps that you have login into or you have given these dapps your posting or active key authority in the past.
You should be removing all the posting/active key authority to dapps that no longer active on Steem blockchain.
Another reason is that there is also a possibility that you have accidentally expose your active key while accessing malicious Dapps on your browser.

How to remove the posting/active key authority from these Dapps?

There is a tool by @steemchiller where he explained in more depth in this post here SteemWorld Update / New Tool for Managing Account Authorities you can easily do this process by login into his Dapps https://steemworld.org/

First step, go to https://steemworld.org/ then at the home page click on the Account Auths


On this account-authorities page you will see all the lists of Dapps that you have given your posting/active key authority.
To remove them from still having your posting/active key authority you just click the red "X" sign located at your right side next to the list.


After done with removing all the old Dapps that you no longer need or trust then click "Save Changes" to complete this process.


Then you will be ask to signing the transaction with keychain if you have installed this keychain extension on your web browser or


with steemlogin if you click "No" and you will be asking to put your Private Active key to sign this transaction.


After a few seconds, please refresh the page and you will see that those old Dapps that you have removed no longer in the list. Congratulations! You have done this process successfully 😃

Change your Master Password

The next step you can do to making sure your account extra safe is by changing your Master Password. This can be done by going to this page here https://steemitwallet.com/change_password or go to the 3 bar on your top right side of your Steemit blog page and on the dropdown select "Change Account Password"



Then on the change password page fill in the required data such as your steem account name and your current Master Password.

Then click on the "Click to Generate Password" tab to generate your new Master Password.
Next is copy paste this generated Master password into the next box under the "RE-ENTER GENERATED PASSWORD" and most importantly make a copy for yourself by copy/paste it to somewhere safe online or write it on a piece of paper for offline keeping too.


Then lastly select the 2 boxes of the reminders and click "Update Password" button to complete this process.

The above process is for spring cleaning your steem account from all the old not functioning Dapps. After done with the spring cleaning process, you can then login back into the Dapps that you trust or currently run by top Steem Witness and enable your posting or active key authority to continue using their Dapps.

What if you have been a victim of fund stealing?

If you have been a victims of the hackers stealing funds from your account, you should do the above process then change your Master Password process 2 times to making sure your account is safe.
p/s: You don't need to do Stolen Account Recovery as this process is only for when you cannot access your account with any keys/password that you currently have because hacker have changed your master password.

When to use Stolen Account Recovery?

A lot of Steemian confuse when to use this feature. You only use this Stolen Account Recovery when the hacker have changed your Master Password and you cannot login into your account with your current Master Password/ or any other Keys. You can regain control of your account again by using your old Master password and initiate this process. Remember this process only can be done if :

  • within 30 days after your master password was changed, as after 30 days, there is no way to recover it.
  • you can provide the email address that you used when you signed up, your steem account name, and a master password that was used in the last 30 days.
    You may contact Steemit via [email protected] if no feedback in 7 days after you submitted recovery request.

Please refer to this post for more details on How to initiate Stolen Account Recovery Your Steem Account gets Hacked? What to do next?.

In conclusion, DAPPs on Steem blockchain are not dangerous and unusable. Users can do re-authority/re-enable your posting/active keys to the tools/DAPPS that you trust after you have done the spring cleaning steem account method as explained in the above section. However as everything in life have it's own risk, the same with using this DAPPs and it is recommended to use the DAPPs/tools that you only really need and be extra careful while using them.
I hope that you will be doing this Spring Cleaning your Steem account regularly to avoid hacker attack.
You may also make use the Savings feature on steemitwallet page to keep your fund(Steem/SBD) safe as you will get notified for 3 days before the withdrawal be enable.

Stay safe and Keep on steeming!



I plan to add a new tool on SteemWorld, which enables us to see all users that gave permission to a specific app/account. Maybe I can directly show a hint to users with old authority entries when they visit their dashboard ;)

Surely that would be a great idea, as it might help us finding out reasons as to why and which app made us at risk !

Like we tried guessing out common similar apps between accounts and there were nothing to guess...

Would love to see this new tool @steemchiller

I'm already working on it. The tool should be ready in the next few days ;)

Great i wish you best of luck for that ❤️

I plan to add a new tool on SteemWorld, which enables us to see all users that gave permission to a specific app/account. Maybe I can directly show a hint to users with old authority entries when they visit their dashboard ;)

 2 years ago 

That would be very useful x 2.

It would be bery helpful @steemchiller. And thank you for this info @cryptokannon


For example, if I join the curation trail then I have to give permission. Well, if I participate in several curation trials then how do I know or able to see which account has the access to my account and which trials are active.
So, if you provide that kind of feature which allows seeing all the authority entries then definitely it will be blessings for all steemit users.❤

 2 years ago 

Nice that would be helpful.

 2 years ago 

Thank you for making this post @cryptokannon

 2 years ago 

Thank you for the guidance on the making of this post too. 😄

Good idea friend. Hey you, are you the genius behind the steem blockchain. Do you know if there will be any way to recover the keys of the tron ​​accounts created through the steem wallet. I ask. Because I have friends who unknowingly generate new accounts. And his rewards were accumulating in the last account created but apparently he lost the private key of this one. And I don't know, this issue is quite a mess. Can't recover right?

Hi, if he doesn't know his private key, there is no way to access the tokens in his wallet. Didn't he download the TRON PDF with the key? If not, looks like he needed this to learn the most important lesson in the blockchain world:

Never lose your private keys and always keep at least one backup at an offline place (cold storage)!

 2 years ago 

Hello friend @steemchiller, a question, will you be able to create a tool from Steemworld.org to recover master keys or stolen accounts, I mean, when we make a report to Steemit they tell us that within 30 days they give us an answer, now if we have the last master key we used in recent days is not it better to create a tool from Steemworld.org and recover that account?

Yesterday the Steem wallet page was having problems. . . . My mother @marlenyaragua tried to change the master password during this period and the page changed the master password and at that moment the page crashed, then she literally changed the master password and failed to store it, I ask you again, is there any way or method from Steemworld.org to recover the accounts and not wait 30 days?


There is already a tool for recovering accounts on SteemWorld: https://steemworld.org/account-recovery

Important to know is that only the recovery account can start a recovery request. After the recovery account started the request, the account to be recovered needs to confirm it (can also be done on that page).

So, if you want to make use of that feature in future, you first need to change your recovery account to someone you trust and who is capable of doing the mentioned steps.

Changing the recovery account can be done on the Dashboard page (Account Details -> Account -> Change Recovery Account).

 2 years ago 

Agradecida por el apoyo @manuelramos

 2 years ago 

Que bueno verte de vuelta madre! Bendiciones!

I do friend. But I don't know about me, because I have a group of women where I try to help them on their way through steemit. and one of them is presenting that problem. She showed me like 5 PDF with 5 accounts different. But neither is the account where the TrX accumulated. Anyway, thank God it didn't happen to me and I always keep my things. By the way I found out that for example, if you can import any Tron account from steem's wallet. For example, import the Tron account from binance's real address. I found her on the scan throne. And suddenly my account increased the value in USD and the amount of binance tokens was refluxed hehe it was fun I felt a millionaire for a second. Then I re-imported my old account and was poor again. I'm just telling you, it was something weird that you can do that.

Same happened with me :(

follow me dear

I think very useful. I hope that we will inform everyone more about this and we will not be exposed to such hacking incidents. Community leaders, in their own right, need to constantly alert users to this issue.


First step, go to https://steemworld.org/ then at the home page click on the Account Auths

Thank you, helpful, did not know about this possibility.

Thank you very much, the truth was I found this information very useful, this is actually a great idea to keep us safe, thank you, I say goodbye sincerely.

 2 years ago 

I'm glad it useful to you. Keep on steeming! 😊


That's really good guide to secure accounts but steemit team have to freeze those hackers accounts and send back stolen tokens, like few months ago I have faced this maybe I have given access to some Dapp or etc my account got hacked and almost 278 Steem transfered within seconds I wasn't able to complain anywhere I tried twitter account and steemit official account but no one listened and it's gone so steemit team should do something for us and freeze those accounts or put some restrictions they can do anything thanks

278 Steem you can see in this screenshot

hello dear friend @cryptokannon good morning
Thank you very much for the information, you have made it very practical, I just did my homework to revoke the accounts that I no longer use
I really appreciate your time to offer us this information.
I wish you a great day

follow me dear i will back

 2 years ago (edited)

Anyone may use this post to educate or translate into your own language without asking for my permission. It is open source and copyright free 😊

Lo tomaré para informar a la comunidad, aunque hace días hice una parecida https://steemit.com/hive-193637/@edlili24/cambia-tus-claves-steem-por-tu-seguridad te invito a verla! Gracias por esta información!

follow me dear i will back

friends please support my steemit account, I want to improve the family economy


Thank you for this very useful information ... the way you run it there is very easy for everyone to understand.

Coin Marketplace

STEEM 0.17
TRX 0.09
JST 0.026
BTC 26914.77
ETH 1670.29
USDT 1.00
SBD 2.24