Safety first: First aid kit for Steemians who are just beginning this great journey

in #steem7 years ago (edited)

The last weeks I saw some worrying things on Steemit regarding hacking of peoples accounts to steel or transfer the Steem and Steem dollars. So I would take this opportunity to clarify some Security related things about Steemit and what you can (or must) do to stay as safe on Steemit (and other sites) as possible. There are a lot of new Steemians entering this great platform everyday, so this would be a good guideline and explanation about safety and secure Semming :)

Steemit passwords


Within Steemit passwords and keys are more or less the same. You have 4 keys/passwords with your account. Those keys/passwords are all generated when your account is created.

  • Posting
    The posting key is used for posting and voting.
  • Active
    The active key is used to make transfers and place orders in the internal market.
  • Owner
    The owner key is the master key for the account and is required to change other keys. You have to keep this keep as much as offline as possible because it has the control over your account.
  • Memo
    The memo key is used to create and read memo’s

Posting key


The posting key is, like it says, the key used to post, comment upvote or follow other accounts. You can use (or must) this account for the most part of using steemit. Other keys aren’t necessary and are even dangerous to use in case they got compromised, so it’s good to teach yourself to only log in steemit with your posting key.

The Owner key


With the owner key you are in charge of your Steem account. With this key it is possible to post, vote or transfer steem and steempower. With this key it is possible to change the owner key to another key so this is a pretty important key and you have to be very precautious with it. If this key comes into the wrong hands it is possible to empty your account totally. Advice is to store this key offline and don’t keep them on a place witch is connected to the internet.

Memo key


The memo key is implemented for future purpose and isn’t used yet.

Steemit password risks


In the previous part I have written which passwords or keys there are in Steemit. In this part I want to tell a little about the risks that goes with it.

With your owner key a hacker can take total control over your account and so change the other keys or transfer your hard earned Steem and Steem dollars to his own or another account, pretty risky. So it’s the best not to leave your key in a file on your lap- or desktop which is connected to the internet. Because when a hacker can compromise your computer, he then has the keys.

Last week there were several accounts compromised on Steemit, the exact cause I don’t know, but these compromised accounts where used to comment on people’s post. In those comments was written that the particular post was plagiarism and there was a link to another post. When you clicked the link and then hit the back button in your browser, you got again a login screen for steemit. In real, it wasn’t a login screen from Steemit but a phishing site to get to your owner key to get to your steem..

Pasword recovery


If your account is compromised you have 30 days to recover your own account from the moment it was compromised. This can only be done on steemit.com and you have to know the most recent password/key.

click here for account recovery

Password security advise

  1. You should use the different keys for its purpose. Although it is easy to use the owner key for all actions, it is also the most dangerous because if someone compromises it, he/she is owner of your account. When you use your posting key to login in that’s fine. You can’t make any transactions with it, but you can upvote and post your posts. With the active key you can make transactions, power your steem up, power your steem down and transferring your steem.
  2. Store your password never online unencrypted, it is better to do this offline on a local PC at home. When you think somebody is logging in with your account you should change the password, when you do that all the other keys will change too.
  3. Malware can compromise your Windows computer, when It does it is possible for hackers to watch everything you do on screen and scan your file system, or even install key-loggers which saves all your keystrokes on your keyboard. You can imagine what they can do with all that information, that is not alone about steemit. SO make sure you have malware protection installed on your computer and that you update it regularly.
  4. Backup your keys in offline backups and make sure you save those saved over multiple locations so when a disaster strikes, you still have your account information on another place.

Feel free to resteem this post to reach as many Steemians as possible to bring the risks to their attention..

Most important, don’t share your keys, and if things look awkward don’t log in or don’t give your information

Image source


steem-banner.jpg

Stay safe...also on the blockchain...

Sort:  

Thank you for the info! It is a pleasure to see that you are interested in our safety! :)

welcome to steemit, nice

Happy steemit !!! cheers

Mooi stukkie :)
Zodra iemand zegt; safety first, vanaf dan zijn we vrienden😋

Hi @lopezdacruz thank you, I am not new to Steemit :) I used the hashtag "introduceyourself" to show this important info to new steemians.. :) But thank you for your reply..

Ik wilde je even laten weten dat de reacties op je safty blog heel leuk zijn. Mensen danken mij voor het vermelden van jou blog. Dacht ik last het je even weten!

Wat leuk, dank je wel erg leuk om te lezen !!

Appreciate the info here mate!

My pleasure !!

Wat een goed blog!!! 😂 dit is wat ik bedoelde als newbies deze lezen kan het nooit meer mis gaan !

Zal hem resteemen bij mijn account 👊

haha dank je wel !! Ik hoop dat ze er wat aan hebben, en bedankt voor het resteemen :)

Thank you

You are very welcome !

Thanks great advice, need to change a few things now!

Here is a question for you, which is the password you are supposed to use to log in to steemit and if you are logging in with the wrong one how do you check and how do you change? Thanks

Hi @scheino , there is not really a check on using the right password. But if you log in and you are directly able (without logging in again) to tranfer steem or steem dollars you are logged in with the wrong one :) then simply log off (check the url for phishing) and log in with your post key !!

I am new to steemit and I must say this is very helpful. Thanks for taking out time to elaborate on this important points

I've done it with pleasure :) Thanks for the reply

Thank you @verhp11 for the providing me with an understanding of the various passwords.

All my pleasure !! have a great day !!

vermelding.jpg
klik op de afbeelding om de post terug te vinden.

Top, dank je wel !!! :)

Very useful posts you are told us the professional things about how safe your accounts thank you very much.

It is all my pleasure, thanks for your reply!!

thanks for sharing! a great help for a newbie like me.

No problem !! Welcome !!

Thanks for the info and thanks to @brittandjosie for the timely advice to come check you out. #passwordsecurity

Hello there... this is really a good article to read on since I've got some problems with my password on my previous steem it account that forced me to give up on it.
Thanks really for this blog.

Very important this information!