There's been a lot of discussions lately about security in wallets and I wanted to chime in some facts about the Steem account wallets and how they differentiate from others.
Thefts have been growing lately, recently NiceHash made an announcement stating their hot wallet had been emptied and miners lost an equivalent of $60 million in Bitcoin. With adoption and more users these thefts and hacks will just keep on increasing, its going to be a wild west where only the truly safe options will remain.
Account Recovery
As you are aware by now in crypto, only you hold the keys to your wallet. If someone else has a copy of them or you are storing them on another site such as exchanges then they are never truly yours as they can be stolen or hacked at any time. This is why many only "hodl" their coins and don't trade with them on a daily basis - this is also a big reason for the ridiculous volatility we have been seeing in prices as only a minority trade actively with their coins. Many use so called cold wallets to keep their private keys safe, same thing goes for your Steem account - you should have your private keys backed up offline and in different places to keep your account as safe as possible.
Steem offers an account recovery like no other crypto does. If you have created your account through the normal signup process and the @steem account has created it, this means you are eligible for an account recovery in case anyone were to get a hold of your private key. The recovery works only if you still have your initial private key though, which means that losing the key completely will result in the control of the account and its funds being lost forever. If someone were to take your private key and use it to change it into another so you lose control over your account - the recovery option gives you a whole month time to reclaim it. No matter how often the private key keeps changing, within one month you can recover it by proving you are the real owner of the account with the original phone number and email you used when signing up. This will give the account access back to the original private key which you then can change to another one combined with all other keys within the account.
Safety in savings and vesting
Other than the account recovery which is revolutionary on its own we have some added safety precautions. One of them is your Steempower investment which takes up to a full week to power down 1/13th of it. This means that if a hacker was to gain access to your keys he will have to wait up to a week to be able to steal your Steem that are vested on your account - giving you enough time to recover the private key with the option above.
If you like to hold a lot of coins liquid such as Steem Dollars or Steem, we also have a Savings account that takes up to 3 days to move them from savings into your account to make them transferable. This also gives you a lot of time in the case of a hack to regain control over your account.
Funds you have just laying there in liquid form have a high chance to get stolen in the case of a hack, though. That's why advice most users to not leave big sums just there on your account. Don't give the hackers a chance to even attempt to hack your wallet.
This is what makes the Steem wallet so unique compared to others. With other wallets such as Bitcoin or Ethereum, if a hacker were to gain access of your private keys, you'd have to say goodbye to all of your funds and never be able to get them back.
Remember that Steem is still a fairly new project and updating constantly, we will probably see more upgrades to safety precautions over time. There's also been some talk that many crypto investors don't feel safe with using a website to handle their wallets for risk of getting hacked (which could be a reason why there are so much Steem on exchanges),for that @jesta has created a desktop wallet called Vessel which I urge anyone to check out. Not only being safe it also offers a lot of different functions to make your Steem activities easier, such as delegations.
What are your thoughts on the security of the Steem Wallet compared to other ones?
I change keys almost every week. Makes me feel safer.
One point that is extremely important to add to this story.
All tokens created using the SMT protocol on the steem blockchain comes with this security. What an added benefit for someone who knows content creation but is not a crypto security expert. Instead of being dependent upon some outside individual making sure the tokens are safe, using SMT will enable one to create a token with the strong security you mention.
What an ingenious move....eliminate or at least minimize one of the biggest fears people have with cryptocurrencies....
Yeh you're right about that, STEEM is probably the best blockchain to build the SMTs on and security is a large part of the reason why. At least until EOS is launched
Just remembered what McAffee says: Everything you have on a cell phone can and will be compromized
Is that REALLY true though, not sure I would believe everyting he says...
Technically speaking, McAffee is correct unless you are paranoid about security and never even connect it to the internet or something. There is always a way.
That's pretty epic. Thanks for the info. Don't forget to add that SMT are specialized. It's a very important keyword. Specialization is the reason Dash and PIVX are going to overtake BTC. You always must have a vision and a destination for your journey.
Do you think the steemit platform will be anywhere near as influential as Facebook? It seems hard to imagine that.
It depends upon what they do with steemit. Right now, this site is a cross between reddit and blogger. It is nowhere near the functionality of Facebook. The communities feature, depending upon what that looks like, might move it closer.
The steem blockchain can be as influential. It has the ability to take over the social media world. That is how big some of the apps, if they reach their potential and SMTs can be.
I think steemit and crypto have a long way to go in being as available to the general population as things like Facebook- but I believe that it can happen. Steemit is very different from Facebook though- it's way more technical and more of a blogging site than Facebook is. If steemit were to become easier for the general layperson to use, I think that it could certainly become that popular.
it is possible. considering the rate at which it is becoming popular. it is possible.
lots of development is needed.. I invited a friend to join.. after trying one full day just to figure out how to change the profile picture she got so pissed at the process that she never logged back.. but once the system is developed and people can do things which they do in Facebook in a more efficient and faster way... and Facebook gained to attract a lot of user from the poor class by offering free facebook.. many people still can't afford to buy a laptop or a computer but with cheap androids phones.. many can easily afford to have a smart phone and so can also use Facebook without the need to buy data service... which is how Facebook managed to attract the vast population.. question is can Steemit offer the free data service like internet.org
Please I need you to give me a vote in any of my posts I would appreciate it very much
What an ingenious move ... to eliminate or at least minimize one of the biggest fears that people have of cryptocurrencies ...
let's hope this is positive
This is why I love Steem I heard a lot about bitcoin yesterday and I was shocked
Prices are increasing day by day, surprising, so what?
So, I'll have crypto house very soon ...
haha. i strongly feel that
better ways
I agree a hundred percent and that is what makes Steem Power a very good place to park your money. A lot of people are making huge amounts of money on the crypto market right now, but when things get shaky I think a lot will come back to Steemit and put atleast some of the funds here. They say "you should be your own Bank" Steemit is a good option
Doesn't the inflation make Steem less valuable in the long term?
The inflation does dilute the the value, however, compared to the increase in demand this inflation doesn't have such a big impact I think
Not if it's powered up, you don't lose to inflation.
"Self-Banking"...there's no one you can trust more than yourself
That is very true ! And this way definitely beats putting paper money in your mattress hehe
ello there dear steemit group could you upvotes me and follow me @alhmali
Just need to figure out how to work everything first.. and what it all means!
Actually the vast majority of Bitcoin and other crypto users store their coins on exchanges (even if they're not actively trading), and this is a massive problem.
This is a conclusion of basic math (historic number of transactions vs. exchange accounts as well as amounts held in known exchange addresses).
I would also note that account recovery applies even if you weren't registered via @steem. For example I onboard people using steeminvite.com. If you look at the accounts I created such as https://steemd.com/@one-person, they have 'demotruk' registered as recovery account. Thus if @one-person ever got hacked, they could contact me, I could investigate it and help them recover if I am confident they are the real deal.
That's really surprising that they do that... its like they want another gox to happen.
It's the perfect weak point for the "powers that be "to sieze in the night. I feel like that's one of the few options they have left to stop this thing
And they are most certainly planning that..
It's like 90%+ are total newbies who have never been exposed to much of Bitcoin's history or philosophy.
Can the average person understand the concept of steemit? I don't think so. My wife uses Facebook and she has no idea how steemit works. She's also not interested in knowing how. Aren't most of the people like her? With Facebook, there isn't much to figure out.
Do you have to understand it to use it though? I think we make a mistake of trying to explain everything up front. It's a blogging site that let's you get paid, and your votes are money. Enough said, it works, we don't have to convince everyone of how it works in a more technical or detailed way. You'll come to understand it better as you use it anyway.
Does your wife actually know how Facebook works?
We use lots of things without knowing how they work. I flew to Lisbon on a plane and don't know how they work.
Posting and commenting is how Steemit works, you just get rewarded for posting content instead of Facebook. If you can text a message you can blog.
Dont need any markup language on Facebook.
Steemit is very very simple to use, but definitely way too complex for average FB user.
Need to go even lower down the ease of use ladder to pull in FB users.
I've never met anyone under age 65 that cant figure out FB, and 50% of 65+ yr olds can also use FB.
No way steemit is that easy
That's how i am getting into it now... just ground and pound. Figure it out as you go and always get better.
Good point. She often asks how Facebook has made so much money since it's "free". So, for starters, I told her look how much people pay for Facebook Ads. That money goes to Facebook. Then, she kind of understood. So, you're right. As long as blogging makes you money, then that's probably all most people would care to know.
NiceHash just happened...
Was just going to post this, 60 million $ got stolen.
Even if you're hacked and you have all your steem as steem power, they will not be able to benefit from it, and by that you have time to recover your account.
Do you fully understand the steemit whitepaper? I understand most of the bluepaper, but I'm having trouble understanding the whitepaper. I just read a little bit of it today so after rereading it, I think I'll catch on. Where do you stand on all this?
You will learn more and more about Steemit, the steem blockchain etc just by being online at steemit, communicating with users etc. Just clicking on your "wallet" makes you understand it a lot more.
Informative
Can't wait for a company to create a hardware key holder to maintain all our crypto services keys. Just the same way there are hardware wallets.
This might be a noob question, but what's the difference between a hardware key holder and a hardware wallet?
A hardware wallet is a wallet inside a pen drive, you keep your private keys yourself inside the pen drive which also adds some protection as having to push a button in order to confirrm your transactions so hackers can not get your coins. A hardware key holder would be a pen drive to store all private keys from your services so you do not need to keep them on paper which is the safest way to keep them away from hackers. A hardware key holder does not exist, at least I am not aware of, on the other side, there are several hardware wallets in the market; keepkey, trezor and ledger nano.
So a hardware key holder is basically a harddrive which has never been connected to the internet and which can store text strings? I guess I could use my Casio calculator for that purpose.
Yes, but a little bit more sofisticated and smaller so you could carry it with you and services would "take" the password from the pendrive directly instead of you typing them on the computer and having a chance to be phished by the hackers
All this is new for me as well. I've got the same question now...
I think Steemit can almost be a bit of a distraction away from just how solid fast and reliable STEEM is as a currency. I would like to see more use cases put forward and more opportunities to spend STEEM in the future
Generally, I like steem inbuilt wallets. They are quite safe, except one's account gets compromised as you've clearly stated, @acidyo. I would really like to use witness @jesta's vessel 0.0.9. However, I have a major challenge. The private keys usually have about 52 characters each. The wallet doesn't allow me to enter more than 33 characters.
There's no limitation on that field, that's just as much as your browser window will show in that field. If you keep typing (or just paste it in from a different file), it should accept the entire 52 character string.
Its That Problem Man..
U should Try with Your Real steemit key..
best of luck
that's comes with it's risk though.
Ideally u want to use your 'master' key as less as possible.
ello there dear steemit group could you upvotes me and follow me @alhmali
Greetings friend. So far it seems to me that the security offered by the Steemit platform is quite safe, just like the internal wallets. I think they are super safe. every time I'm going to make a transaction, asken the password and sometimes I forget it. I can not remember names and phone numbers. Imagine remember 52 leters and numbers. LOL
ello there dear steemit group could you upvotes me and follow me @alhmali
Thanks, I would like to share this information with you.
Hi, this is not the way to publicize your work. Please don't SPAM...
Take a look in this before hurting your reputation.
But once steem got hacked in 2015
I was still new at the time, but from what I remember steemit.com (the website) got hacked - and some users keys were exposed. The blockchain itself (steem) didn't get hacked.
I've talked to others about steem, even those big into crypto, and even after explaining how the entire system works they just are hesitant. It's a leap of faith for some I think, to put virtual money into a virtual platform, even if you can multiply the value of your holdings faster on steemit than any other investment. It's frighteningly ingenious to think how Dan the man masterminded such a simple platform that has more network traffic already than all other crypto combined.
full steem ahead.
Ya, my colleagues are really into it recently. Followed
Unsecure blockchains or difficult blockchains will definitely fail. More security=more trust=better investment. I don't know enough about steemit security.
Very interesting read. And you're right, putting it into savings is one of the most secure ways there are!
Is simple and secure, is there any hardware wallet that supports steem?
Thanks for sharing
ello there dear steemit group could you upvotes me and follow me @alhmali
That is why I got my husband to agree to invest in steem for me but the price went up, lol. I am also converting some ETH to power up but only after the present congestion
I hope Steem never gets hacked.. but even if it gets hacked only liquid Steem and SBD can be stolen.. The 13 weeks Steem Power down policy can keep most of the Steem Safe.. and in case if my account gets hacked then what would be the process to recover the account? This recover process is something I'm curious to know
ello there dear steemit group could you upvotes me and follow me @alhmali
meep
https://steemit.com/introduceyourself/@wasi/steem-dolar-and-steemit-must-read-artical-its-helpful-for-all
Thanks , very helpful
Great info, steem really offers a very secure wallet and also insanely fast transactions!
Yes I think so too :)
Excellent information, i agree with your points the steem wallet is so unique and innovative and honestly i never saw such crypto wallet before which can be recoverable even if someone hacks it, well in my opinion these thing gives more strength to steem blockchain and we are seeing a result of it in shape of pumps at exchanges. thanks for sharing this nice information with us, Stay awesome.
I for one take this kind of security for granted and haven't thought about it too much. It's good to know we are in such a unique position because the security aspect will certainly become a bigger criteria for investors. Also if SMT's will be as secure it will be a great selling point.
Go Steemit! I have telling all my friends to get on this platform, big love for this community and how secure it is.👏🏻
@acidyo I agree one of safest places to be is STEEM POWER.....
Security is key for any prominent player in the crypto space. It needs to be a differentiator in this verticle. Go Steem Goooo
All tokens created the use of the SMT protocol on the steem blockchain comes with this safety. What an added benefit for someone who knows content material advent however isn't always a crypto safety professional. instead of being established upon a few out of doors man or woman making sure the tokens are secure, the use of SMT will allow one to create a token with the robust protection you point out.
very informative post..this is the security issue on wallet for being hack by the hackers...this criminal guy and a thief, they will call dawlims on bisaya words...they harvested your hard work...profit, and the worse things they leave you much empty handed with your wallet....please guys be secured on your wallets..
esteemit has a more secure portfolio for its members in the interest of their money and trust in its system and for new members
Actually that's why I loved the sitmate and there is a lot of sophistication within Estimate that makes us all love him
thank you
I am also trying myself to be aware of how steems are secured in my wallet.
Long live Steem! It is so exciting to think about the future of this website.
Can Steemit join this group some day?
That is actually a crazy thought looking at something like that. That would be somewhere to be on a conceptual basis like that.
This is absolutely the truest case. With the ever growing volatility in the market, this is one place where you feel secure for keeping all the steems that you earn.
Start spending and earning cryptocurrency as a consumer and business owner with:
https://steemit.com/ethereum/@wa1ker123/are-you-a-business-owner-start-accepting-bitcoin-and-ethereum
Steem Coming Soon! New Payment Gateway
I think the steemit platform will be anywhere near as influential as Facebook
I agree a thousand percent with this. Steem is a great place for us all to safely (or with much confidence) place some money. Also, thanks for the Vessel wallet suggestion, I had just been looking into it. Nothing is truly safe, but we need to be making as many safeguards as we can. I regularly back up my passcodes offline and in a few places! Building in a routine to change them regularly as well. What do you all do??
i have fun reading this post plz upvote
Its crucial to the platform that security is tight as people really do spend a lot of time on here posting and curating. Its a real time investment so any gains have to be really well protected and it has to be basically impossible to completely lose access in the same way as can happen with online wallets.
I love all the security features we have on Steemit! Most of my funds are in Steem Power, which means that it will take the hackers a full week to gain access to even 1/13th of the funds. The savings feature is also very nice when you need to have some liquid assets!
Well, you have money from your pocket in your fund,
Actually the system is very good,
Good luck for you,
Thanks, good stuff!! :D
Also watch out for tabnabbing and clickjacking (phishing)!
https://steemit.com/security/@gaottantacinque/steemit-chat-is-unsafe
Thanks for your post @acidyo.
Thats the benefit of steem, secure and durable. We may as well bask in this and nod our heads like Steeminaire.
downloading for this. Thank you @acidyo
steem wallet security system awsome..by
crypto
I really like the safe. If there is a lot of Steем, I'll put them in the safe, from there you can get them out in 3 days, but the attacker will not have time to steal money in case of a break-in.
yes Steem wallet is very good
So true.
Security, scalability and speed, Steem has it all!
All the security features that you are saying here is seems to be very safe and I had already learn about this article. Fruits good for all of them who wants to invest their money to steam.
Steem is a long-term and a safe investment.With all the money being nowadays kept electronically it’s very important that the platform is as secure as this one👌
Thanks for the great information. You are genius enough to understand the problem one has to face in it. So far as my knowledge concern, this community is not old enough, so every now and then various innovations are taking place on it. So we should be very careful about our hard work earnings. Thanks friend, your advices are great assets for us. You are fantastic, wish you a very beautiful time ahead my friend.