I log in with my posting key, but every time I do a financial transaction and use the active key, da kaput'r wants to update to the active key. If you are not careful and accidentally click on "update" instead of "don't update", the next time you log in, the Kaputer will be using the active key. At that point the thieves are one step closer to taking your mojo. Never use your master key, because if they get that, they won't take your mojo; they will take the account.
I'm the last guy who should be offering tips, but I will anyway. Don't use your computers auto password fill in function. I work on a secure computer no one else uses, so I keep my Steemit passwords on an electronic sticky note on the screen and grab the one I need when I go to log in. No accidents that way.
That wouldn't work for me, but is a valid method for those with only a few accounts. Thanks for thinking along on these issues. Greetings!
I certainly don't use this method for all my accounts, only those where security seems to be of the utmost importance.