How i lost my Steemit account and how to secure it

Hello guys, I am a new user of steemit. I am going to tell my story of how i lost my steamit account because of "STEEMFOLLOWER".

My first account was @hilyrics which i had started 2 days ago with few posts. Thank god! I dint loose much steem as I experienced it at the early stage. But still its a sad thing, as I realised, I can never gonna get it back again.

This is how it Began....

I had got a comment by this person (@randystiefer) for one of my posts, suggesting about "steemfollower.com" to get more upvotes and followers.

So i just without second thought, clicked the link. "steemfollower.com" asked to login with steemit credentials.

Since i am new to steemit and i felt it was a part of it, i just entered my username and password. Suddenly it gave an error saying "Wrong Password". I cross checked my id and password but after trying it again and again it was stil unsuccessful.

Then i got back to my steemit account and tried to login, but shockingly my account was not accessible anymore. It was giving me the same "incorect password" error. I even tried to reset password. It displayed an error saying " Missing owner authority". At this point, i was sure something is fishy with "steemfollower.com". After getting my password access they might have changed my owner authority and password.

Then i even tried - Stolen accounts recovery option. As expected it was not successful either.

The recovery process is very poor. We cant recover with our Email and phone number too.

As everyone know, Steemit has specifed - that steem it cannot recover lost passwords. But why not?!!

Here are the 7 Steemit rules:

"The first rule of Steemit is: Do not lose your password.
The second rule of Steemit is: Do not lose your password.
The third rule of Steemit is: We cannot recover your password.
The fourth rule: If you can remember the password, it's not secure.
The fifth rule: Use only randomly-generated passwords.
The sixth rule: Do not tell anyone your password.
The seventh rule: Always back up your password."

I agree with the rules because they have no control over our credentials, as it is built on blockchain technology. But my question is, why do they collect our contact details such as phone number and e-mail and verify them at the time of login. But why cant they take a step forward and verify the same at the time of unauthorised access. Reseting password by email or otp is not at all posible. Then why do we need to provide our phone number and e-mail? if we cant even use it for anything in practical.

Finally i lost hope of recovering the account so decided to create a new one. Here comes the headache! We cant use the same email and phone number again. somehow i managed to create new one.

After making some research on how to protect my account from unauthorised acces in future, i found the bellow steps to secure the account.

There are different types of keys in settings, if you want to use it with 3rd party services.

• POSTING KEY : The posting key is used for posting and voting. It should be different from the active and owner keys.

• ACTIVE KEY : The active key is used to make transfers and place orders in the internal market.

• OWNER KEY :

The owner key is the master key for the account and is required to change the other keys.
The private key or password for the owner key should be kept offline as much as possible.

• MEMO KEY : The memo key is used to create and read memos.

NOTE: Don't use your steemit.com password anywhere outside and store it ofline in secure place. Never loose your steemit access again...

Areas To Improve in Steemit:

• Two factor authentication has to be implemented.
• Reseting password via E-mail or OTP is most essential.
• Propper warning and guidence should be provided to new users regarding possible disaster.

If you have also lost your account or have come accross any such issues, or if you have found any solution to recover the account, please leave a comment below.