The Difference between Passwords on Steemit and other Places

in #steemit7 years ago (edited)

Frustrated.JPG

One thing we notice or should have noticed is when we create our Steemit account that we are warned to take care of the password. If it gets lost then you can simply forget it; it is curtains for your account.

Steemit does warn us quite starkly about this. If you head to the wallet and then password section you can see this:


TheRules.JPG

However we need this password quite often for

  • Sending SBD to others
  • Powering up Steem to SteemPower
  • Voting for witnesses
  • Other things I have yet to encounter.

It needs to be in a handy place for quick access but not handy for others to access!

I for one have been procrastinating lately about making a backup, printing the password, and hiding it in my house in a place only myself and family are aware of.

Until recently my password was stored on the internet and could possibly have been compromised, but no longer.

KeepPasswordSafe.JPG

Having recently invested some fiat currency into the Steem Ecosystem I was feeling more and more uncomfortable about it. So here’s what I did.

I removed the internet stored password.

I created a text file which contained just my password string with the name ‘ediw.su' and added it to my USB stick. I then copied the file to a second USB stick. I carry these around everywhere with me as they contain a brain dump of my professional scripts and work going back around TEN years. Within the text file is simply a long string of 7-bit ASCII characters. Quite meaningless to someone who may find my lost USB stick if that ever happened.

Why ‘ediw.su’? Call the file what you like, it means something to you and nothing to others.

I printed the password on paper; This step is very important!

The paper version is not just a string of characters but in the lines of, ‘Slobberchops Steemit Password: d7ds7dsdhhhfjdds7fs87ffgduyfdfdsf77fds7. Oh, that's not my real password, I know what you’re thinking!

SteemTreasure.JPG

Lastly, let family members know what this is and where it is. They may need to get at your funds someday and I for one am in the game for the long term.

Your Steemit password needs to be accessible and yet secure. What methods do you use to do this?


DivindingLine.JPG

SteemEnginer.gif

Drooling Maniac.JPG

If you found this article so invigorating that you are now a positively googly-eyed, drooling lunatic with dripping saliva or even if you liked it just a bit, then please upvote, comment, resteem, engage me or all of these things.

Sort:  

Great points. I still need to get a bit more organised with my passwords. I think this is quite a big deal for newcomers/non techies coming to the platform… as you rightly point out it is a very different environment. A minefield for many!

Like much of the crypto world we are responsible for our own 'bank accounts' and in particular with Steemit there's no forgetting passwords. It could be a hard pill to swallow for the uneducated.

This is a vital topic for Steemians to understand. I use Lastpass for my keys with 2 factor authentication. I trust them as having been audited by others. That said, I do need to make arrangements so that family could get access if something happened to me. This is something I'm pondering at the moment.

'I do need to make arrangements so that family could get access if something happened to me'

You last point is what made me do it. Thanks for the heads up on how you do it.

Are you able to copy and paste on a desktop easily using their service? I use 1Password on my phone and noticed they have a desktop version available. However it only seems to synch if you subscribe, which I don't.

You can copy from the browser extension, but mostly it fold in passwords automatically and only for the valid site. I know a lot of people get caught out by fake sites and it's happening with Steemit too. I have Lastpass on my phone too and can unlock with my fingerprint

I wish steemit would introduct 2fa. That would make this site way more secured.

Do you mind if i resteem your post? I found it very valuable.

Yours, Piotr

'Do you mind if i resteem your post? I found it very valuable.'

Of course, go ahead!

Great.
I will resteem your post within few days.
I wish there would be a tool allowing us to schedulle resteeming posts.

Im trying to build 2 posts, then resteem 2, again build 2 and resteem 2.

I hope to attract some people with interesting content and then I will be resteeming their most valuable posts to help them get some exposure.

All the best
Piotr

Finally I had a chance to resteem your post.... but it seem that it's not possible any more?

Is it because it's older than 7 days?

Im not sure to be honest. Havent tried with one so old.

I guess now we both know the answer :)

So I've resteemed your other post. Cheers mate, Piotr

You managed to use 2fa on steemit? Is it even possible?

No, that's in Lastpass

thx. I should read more carefully

I don't use my master password for anything. I keep that safe and always use my other keys (active and posting) for logging in when required.

I tried using the Acive key but when you click this:

It then asks you for the master password. It seems to retain it for a while and then asks again. Am I missing something?

Thx for another informative post. Easy to read.

Im not sure if I understood that part. Could you please help me and explain little closer?
"The paper version is not just a string of characters but in the lines of, ‘Slobberchops Steemit Password: d7ds7dsdhhhfjdds7fs87ffgduyfdfdsf77fds7. Oh, that's not my real password, I know what you’re thinking!"

Please continue up with creating interesting content - it may be hard at the beginning to build reach and solid followers base.
Steemits needs solid content builders so just dont ever give up! :)

Already followed and upvoted :) Cheers, Piotr

Its simply that I want my family to understand what the string of characters represents, nothing else really.

Touche with the keep it up. Steemit is not a new project but I hope it grows into something much bigger than we already have.

Thank you for your kind reply.

I also hope that Steemit will grow into something way bigger than it is.

ps. how many people asked you about that creeeeepy face at the bottom of your post? :)

cheers, Piotr

A couple of people have mentioned the sweaty guy. He ties in with my name, and as @katharsisdrill has opted me for the 'what does you name mean' article series Ill be explaining soon.

luckily Ive seen photo of you and @steevc so I know you do not look THAT scarry and creepy in real life :)

Well...! I thought my new portrait was a really good looking chap :)

hahahaha

I love your sense of humour :) Are you british? :)

ps.
I made my first contest ever. Would you mind checking it out and sharing your feedback? And perhaps also commenting as Im interested what is your view on discussed issue:
https://steemit.com/blockchain/@crypto.piotr/mini-contest-how-ai-supported-by-growing-blockchain-technology-can-change-the-world

I would really appreciate if you could share some of your experience with me :)

Cheers, Piotr

I am from the UK, Ill take a look at your link.

I recently wrote an complete article about the Steemit passwords. I didn't think of "If tomorow never comes" scenario's ( just to stay a little into music) but your right to also think about those things... I'm in for the long term as well, so you never know how things are going.. Thanks !!!

Wow, great topic to discover! I bet that not many Steemians actually think of that. My guess is that everyone starts to freak out a little when their account gets more money in and they are suddenly not sure what their password is...

I guess that you should treat it as a PIN to your card or a password to your bank account. Store it safely because it contains your hard earned cash.

Kudos to you for going so far with the protection. I think it's really good for every user to practice caution :)

It was something that was starting to bother me and so I just wrote about it. I'm sure other people may get complacent about this too.

As you can see by the responses, everyone has their own way of keeping their password secure. We just need to do it in which way is best for us.

When I was new I didn't know all those keys so I used password to login but now I only use password to change all keys. I make a habit of changing password especially when I use android. I don't trust android. Haha 😊

I have anonymous account created with BlockTrades I let them back up my password so I do not change it. If I want to invest more I'd do it anonymously for security reasons.

I keep several copies offline and only use POSTING key to login and ACTIVE key on SteemConnect and Fund Transfers etc.

I hope nothing will happen to me because no one from my family is interested with my online activities. I have to invest "cents" only haha

i think printing is not good, if one finds it. The usb are safe if are in different places. I think a cloud encrypted storage like storj is the best

I have mine printed out, along with my husband's, and I have them in two places where anyone not in the know is highly unlikely to look - or to know what the heck they are if they are found.

As a secondary precaution, I use Protonmail.com, which is secure end-to-end encrypted email based in Switzerland, and I sent the passwords from one account to another.

Highly unlikely to be hacked, even less likely that they'd be able to decrypt, and they'd have to know which accounts I used, as I have several.

And it is, at the same time, accessible to us from anywhere that has internet access.

I have a list of my online accounts/passwords in MS Excel with PASSWORD sent to my e-mails too so I could access anywhere. I put password even on MS Word files 👍

Glad you're password protecting them.

That makes a big difference, and makes it much harder for anyone to compromise your account, but you already know that. ;-)

' at the same time, accessible to us from anywhere '

That's the thing, to have it accessible as any time. I think we all have our ways of doing this. Good to hear some options coming from everyone.

My thoughts as well.

I think it is much safer with Protonmail than in my real-world wallet, which, although I don't live in a high crime area, can nonetheless go missing at any point in time.

Not so Protonmail, and I trust them a LOT more than any of the cloud services, at least so far.

Yes, it can't be stressed enough to keep that password secure, have seen quite a few stories where folks have lost their passwords or have had their computers hacked and stolen.
I actually have a paper copy of my password in a plastic baggy, frozen in a block of ice in an old freezer out in the shop. "Only Thaw In Case of Emergency" is on the bucket.

I actually have a paper copy of my password in a plastic baggy, frozen in a block of ice in an old freezer out in the shop. "Only Thaw In Case of Emergency" is on the bucket.

Haha.. thats a unique place for sure. Hope its just a string of characters and doesnt contain the words 'Steem Password'

It doesn't, just the password.