You are viewing a single comment's thread from:

RE: New App to Secure Your Steem Account

in #steem8 years ago

Sure. This is a locally installed, native app. It can't be a single point of failure, as attacking it requires attacking every user individually. Unless someone attacks Github and uploads malicious binaries. I'll have to look into some code signing to deal with that...

Sort:  

Any thought on how your software can deal with key loggers? I am thinking 2FA. Also is my steem power save ?

If you've gone and gotten yourself a keylogger, there's very little I can do to help you. Any 2FA solution would mean you require my server to access your private keys, and I cannot subject my users to that kind of uncertainty.

No, the 2FA would only carry a random code. This will eliminate the hacker from using the wallet to execute any action.

I have all my value locked up into steem power, is this safe? Does your wallet solution only deal with steem and steem dollars?

Either the 2FA is enforced solely by code in Steem Pressure, in which case it's a placebo which adds no security at all (but is a lot of work to implement), or it requires a secret on my server, which is even less secure. :P

As to Steem Power, it's as safe as your account is. If someone stole your owner key, you'd be sunk, but at least it would take them 2 years to sell it all. :P