Thanks a lot for the explanation! Sheds a bit of light. I just commented on @simplymike's post that I still have a hard time understanding the exact use of the various keys.
How do I keep my money safe?
A: Use your private posting key and don't trust anything that asks for your password.
I still don't get how (where) to use the Private Posting Key. I use chrome and my account is always logged in except if I clean the browsing data. So I am never asked to use the Private Posting Key... hence my confusion...
Thank you!
It could be that your browser saved your password the first time you logged in. This would mean you log in with your master password every time. Just to be sure, I would clean my browser data, and then use the private posting key to log in, so that one can be saved. You should keep your master password somewhere safe and use it only to change your keys (which is like never - lol)
Once logged in with your private posting key, you will be asked to log in with your private active key every time you send money to someone.
According to chrome, no password was saved. But I read somewhere that this is not the way Steemit keeps being logged in. I can imagine it's more with a cookie or something else..
Thanks again for taking the time to answer @simplymike!
Just clear your cookies and cache of your browser. I think that should do it