STOP EVERYTHING YOU DO RIGHT NOW AND MAKE SUPER SECURE UNIQUE PASSWORD FOR YOUR 3 STEEMIT LOGINS

in #steemit8 years ago

A lot of accounts has been compromised here on Steemit due to an exploit and bad security-routines. I hate losing money, and I am sure you would hate to lose your steemit account due to your own stupidity, so right now is the time for YOU TO SECURE YOUR ACCOUNT THE RIGHT WAY!


Step #1: Go to https://lastpass.com/ and install the chrome & firefox addon - buy the premium package, security is worth paying for.

Step #2: Go to Permissions here on Steemit and change each password so you have a unique password for each login (Posting, Active & Owner)

A great password should contain at least 100 chars and look something like this: 9J7Jw64fH&SuoTPZj1y7LmsVDZnwW1X4B3u084*DxgY!y8vv94@9nA6%g8U1LyIuU6gThAO!R6gw0JjThj8yVNSF0csh$F&D!J

The Password-handler (LastPass) will take care of remembering it for you.


Use your Active Login for Money/Transfers
Use your Posting Login for posting & upvoting.
Put your Owner-Login away in cold storage, do not use it to log in with EVER, unless you are selling your steemit account.


Sort:  

I like keepass more and it is really free, and more than that: it is open source (OSI certified). http://keepass.info/

better they integrate 2FA

2FA utilising PGP trumps EVERYTHING

They will according to the latest update:

"After successfully containing the hacker on the evening of July 14, today we temporarily took down Steemit.com to mitigate a DDOS attack. The silver lining is that this timeout allows us to begin implementing an advanced security protocol, which includes the deployment of blockchain-based multi-factor authentication. As the website is being upgraded, all user accounts and tokens are secure."

Totally agrees this...we are all over other sites that holds our funds using ONE password and 2FA , they are secure. But what about 100% secure site? . We'll never know about that utopia.

I'm not going to do any of this. I just want to post. This is fucking retarded. If I can't just have one password of 10 characters or so of uppercase/lowercase...I just don't give a shit about the service. 3 fucking passwords. Fuck you.

YES!!! X2 on this excellent advice! There is no substitute for top notch security practices.

Even though changing your keys/passwords are good practice, I thought the site was hacked, so it wouldn't have mattered if you changed your keys or not?

If the hacker gained access to our passwords then our accounts may still accessible if passwords have not been changed since the hack.

Also, this was a client-side attack, not a server-side attack.

Nah,I will just stick with password0123456789. sarcasm involved

There are no options to change any of the passwords for any of the levels in the Permissions tab.

I cannot login as 'Owner', there is no recognisable password.

good post.. thanks for sharing

Coin Marketplace

STEEM 0.16
TRX 0.15
JST 0.028
BTC 58665.29
ETH 2302.95
USDT 1.00
SBD 2.51