The Steemit Key System: Keeping Steemit Secure

When you sign up for Steemit.com and create an account you will be given different "Keys". These keys are unique to your account. The keys are set up in a hierarchy, meaning the higher up you get the more permissions the key will have. It is important to keep your keys safe. When you use your keys online there is always the risk of a malicious attack where someone could get these keys. The more any password is used online, the higher the chance it will be compromised. This is why they are setup in a hierarchy. You should use the key with the least permissions possible. We will go over the hierarchy later in this post. When you create your account you will receive the following Steemit Keys:

• Master Key
• Owner Key
• Active Key
• Posting Key
• Memo Key

Key Retrieval: How To Later Retrieve Your Keys

Your Master Key is only given to you this one time so it is suggested that you save a copy of this key somewhere offline.

If you need to access your other keys at anytime you can do so by logging in to steemit.com and navigating to your thumbnail image on the top right of your screen. Click on your thumbnail, then click on "Wallet". (see image below)

Once your wallet opens, you will be on the "Balances" tab. You need to click on the "Keys & Permissions" tab. (see image below)

On the "Keys & Permissions" tab you will see a tab for each Key. (see image below)

You can click on each tab to view each different Key along with a description of what the Key should be used for and it's permissions. (see image below)

Key Hierarchy: Breaking Down The Keys' Permissions

As explained above, each Key has it's own permissions. They are set up in a hierarchy to help keep your account secure. You would only use the Key with the minimum permissions required to perform a certain task. An example would be using your Public Posting Key (the key with the least authority, or permissions) to log in and publish a post or comment on posts from others (task most frequently performed) and then logging in with your Active Key to power up or send STEEM to someone. This allows you to use your more vulnerable keys as least as possible to minimize the chance of a malicious attacker gaining access to them.

The Password and Key hierarchy is as follows:

Master Password:
This is your actual account password. All the Keys are actually derived from this password. This password can perform any task on Steemit however, it should only be used for account recovery. If it was ever compromised, an attacker could take over your entire account and all of the tokens in it and you would be locked out forever. This is why Steemit created the Keys. Using the Keys prevents you from ever having to use the Master Password, keeping it as safe as possible. This password is only given to you when you first create your account. You can not retrieve it later like your Keys. It is advised you store it offline. If any of your Keys ever got into the wrong hands, as log as you still have your Master Password, you can always change all your Keys and regain total control over your account.

Owner Key:
The Owner Key is the most important Key. It is meant to only be used if absolutely needed. This Key has additional permissions that allow you to recover your account and change your other Keys. It should be stored, securely offline and only used to change your other keys if someone hacks your account.

Active Key:
The Active Key is for wallet related tasks such as transferring funds, power up/down transactions, or converting Steem Dollars. You will also need this Key when voting for witnesses, updating profile details and avatar, and placing a market order. You should only enter your Active Key into apps which you trust because anyone with access to this key can take your tokens. Store this key safely to avoid losing tokens.

Posting Key:
The Posting Key will be the Key you use most often. You should sue this key when logging in daily. It will allow you to post, comment, edit, vote, resteem, and follow or mute other accounts. This would be the Key that has the most risk of being compromised since you are using it daily. If this Key was ever compromised in a malicious attack, as long as the hacker doesn't have your other keys, they would not gain access to any of your tokens or have the ability to lock you out of your account. This is why they Key hierarchy was put into place.

Memo Key:
The Memo Key is basically the least important Key. It is not used much because the only thing it can do is encrypt and decrypt private messages that are sent through the blockchain.

TRON Keys:
Now that TRON is integrated into the Steemit platform you will also be receiving TRON Keys when you create an account on Steemit. The two TRON Keys you will receive are:

• TRON Public Key (also the account address)
• TRON Private Key

Tron Public Key/Account Address: Your TRON account address is used for receiving TRX rewards. TRX rewards are given in proportion to the number of SP you can redeem. Your TRON account address is also the TRON account public key. They are one and the same. It is used for transfers. The public key is the address you send the tokens to.

Tron Private Key: Your TRON Private Key has the highest authority on your TRON account. It is used for signing transactions of TRON, such as transferring tokens, freezing and voting. Similar to the Steemit Master Key, this TRON Private Key is only given to you one time, when you first create your account. It is advised that you save a copy of this key offline to protect your TRON account. (NOTE: If you are using an existing TRON account, you will use the private key you already have for that account)

Securely Storing Your Master Password

We went into detail above on the importance of the Master Key, it's function and the fact that you need to safely store it offline. Some examples of ways to do so are:

• Write it down on a piece of paper & store it somewhere safe.
• Print the PDF & store it somewhere safe.
• Save the PDF to an external thumb drive & keep it in a secure place.

For my account I have chosen the third example- Save the PDF to an external thumb drive and keep it in a secure place.

Performing Common Actions in your Wallet Using Keys

Transferring STEEM: Use Your Active Key To Transfer STEEM
I will now show you how to transfer STEEM to someone else. In order to perform this action in your account you will need to use your Active Key.

Step 1 - Navigate to your Wallet.
Step 2 - Click the gray arrow to the right of your STEEM balance

Step 3 - A menu will pop-up. Click on "Transfer"

Step 4 - Fill out the window that appears accordingly. Fill in the user account you are sending the transfer to, The amount you want to send, a memo (optional), and then click next.

Step 5 - Next the website will ask you to enter in your Active Key. As explained above, you need this Key to perform financial transactions, like transferring STEEM.

Now the funds will transfer to the requested user account!

Powering Up - How to turn your liquid STEEM into STEEM Power
I will now show you how to Power Up. Powering up is the process in which you turn your current STEEM into Steem Power. You can convert any amount you would like. The higher your STEEM Power the more influence you have on the platform and the more you are able to earn from curation.

Step 1 - Navigate to your Wallet

Step 2 - Click the gray arrow to the right of your STEEM balance.

Step 3 - A menu will pop-up. Click on "Power Up"

Step 4- You will now fill out how much STEEM you want to Power Up and then click the "Power Up" button.

Step 5 - A confirmation window will appear. Check the details and make sure they are accurate. You also have the option of writing a memo. Click "OK"

Step 6 - The sign in window will appear. You need to sign in using your Active Key since this is a financial transaction. Once you enter your Active Key click the "Sign In" button.

You have now Powered Up. Within a few seconds your Steem Power listed will reflect the Power Up.

Conclusion

I hope in my Achievement 2 post I was able to share my knowledge of Basic Security on Steem using your Keys. I tried to convey all things asked of me in the Newcomer's Community. If you think I did a good job, upvote my post. I appreciate any support.

Have a Great Day! 😁