A lot of accounts has been compromised here on Steemit due to an exploit and bad security-routines. I hate losing money, and I am sure you would hate to lose your steemit account due to your own stupidity, so right now is the time for YOU TO SECURE YOUR ACCOUNT THE RIGHT WAY!
Step #1: Go to https://lastpass.com/ and install the chrome & firefox addon - buy the premium package, security is worth paying for.
Step #2: Go to Permissions here on Steemit and change each password so you have a unique password for each login (Posting, Active & Owner)
A great password should contain at least 100 chars and look something like this: 9J7Jw64fH&SuoTPZj1y7LmsVDZnwW1X4B3u084*DxgY!y8vv94@9nA6%g8U1LyIuU6gThAO!R6gw0JjThj8yVNSF0csh$F&D!J
The Password-handler (LastPass) will take care of remembering it for you.
Use your Active Login for Money/Transfers
Use your Posting Login for posting & upvoting.
Put your Owner-Login away in cold storage, do not use it to log in with EVER, unless you are selling your steemit account.
I like keepass more and it is really free, and more than that: it is open source (OSI certified). http://keepass.info/
better they integrate 2FA
2FA utilising PGP trumps EVERYTHING
They will according to the latest update:
"After successfully containing the hacker on the evening of July 14, today we temporarily took down Steemit.com to mitigate a DDOS attack. The silver lining is that this timeout allows us to begin implementing an advanced security protocol, which includes the deployment of blockchain-based multi-factor authentication. As the website is being upgraded, all user accounts and tokens are secure."
Totally agrees this...we are all over other sites that holds our funds using ONE password and 2FA , they are secure. But what about 100% secure site? . We'll never know about that utopia.
I'm not going to do any of this. I just want to post. This is fucking retarded. If I can't just have one password of 10 characters or so of uppercase/lowercase...I just don't give a shit about the service. 3 fucking passwords. Fuck you.
https://steemit.com/support/@gagecolton/help-i-am-locked-out-of-my-owner-account
YES!!! X2 on this excellent advice! There is no substitute for top notch security practices.
Even though changing your keys/passwords are good practice, I thought the site was hacked, so it wouldn't have mattered if you changed your keys or not?
If the hacker gained access to our passwords then our accounts may still accessible if passwords have not been changed since the hack.
Also, this was a client-side attack, not a server-side attack.
Nah,I will just stick with password0123456789. sarcasm involved
There are no options to change any of the passwords for any of the levels in the Permissions tab.
I cannot login as 'Owner', there is no recognisable password.
good post.. thanks for sharing
Non cloud password manager: https://steemit.com/steemit/@seagul/secure-your-steemit-account-with-256bit-password
Great info
Another great password manager, thanks for bringing it to the eyes of the people :-)
Didn't know you could have different passwords set. Thank you and take my vote sir!
Really digital hygiene should be a topic all of us should be having with our families.
Nice amazing
great
Thanks for the heads up!
I always smile a little when I log in to a website and I see that 50+ digits being autofilled by lastpass. Better safe than sorry!
Amazing, didn't realize there were three different passwords! The more you know how to keep your account secure. Sweet!
Thanks guy, our newbies learned something!
Hey, I just read this post about how hackers will continue on this site: https://steemit.com/steem/@karnal/hackmoar-hindering-attackers-coming-and-kidnapping-my-outrageously-armored-resources
Tell me what you think.
Wery usefull :)
I use Keypass2
Thanx. Will try it out.
If there is a real hacker after you, maybe this won´t count anyway... Just saying , maybe too much fear and paranoia everywhere. You want to be totally safe ? Don´t connect ;)
Very well put!
https://steemit.com/steemit/@decryptson/in-wake-of-steemit-hack-important
Future security protocols will be nice.
Seems like obvious shilling for LastPass
https://steemit.com/steemit/@decryptson/in-wake-of-steemit-hack-important