TUTORIAL: How To Secure Your Hive Account & Keys

in LearnHive5 years ago (edited)

security-hive.png

Welcome to Hive!!!

Now that you've went through the process of creating an account, I'm sure you are probably overwhelmed by all the weirds keys and password that seems like they are 1000 characters long. We are not in Kansas anymore!

The reason why you were given those keys is that contrary to anything else you have access to online. This account is 100% yours. Nobody...we mean nobody has access to your account unless you give them permission. This means that you can't just click "Recover my password" like you would do on Facebook...because nobody has your password anywhere!

3zb04g.jpg

Your account has a real monetary value and there is a big incentive for people to try to steal access to your passwords. So what is there to do?

Finding A Good Place to Stash Your Keys

Ease of use and access often don't jive with each other. You have to balance those 2 concerns and choose the right balance for you.

On the paranoid level of security, you have a physical copy in a locked safe and you type all those characters by hand everytime you want to log in. Not very practical but...safe. On the other extreme, you would you something like Google Password Manager.

Now, the community developed secured intermediate level tools for you to use. If you use Chrome or Brave, you can use Hive Keychain which is quite secure to store your keys. There is also the option to use a password manager such as LastPass.

Both of the tools above require that you create a Master Password to unlock your keys...so make sure you don't lose that password too! 😂

Now, no online solution is "perfectly" safe and this is why people recommend to keep an offline copy somewhere you wont lose it. Redundancy helps make sure that if you lose it somewhere, you can recover it elsewhere.

Which Keys Should You Use To Login With?

There are 4 types of keys.

Posting key - The posting key allows accounts to post, comment, edit, vote, reblog, and follow or mute other accounts. Most users should be logging into Hive every day with the posting key. You are more likely to have your password or key compromised the more you use it so a limited posting key exists to restrict the damage that a compromised account key would cause.

Active key - The active key is meant for more sensitive tasks such as transferring funds, power up/down transactions, converting Hive Dollars, voting for witnesses, updating profile details and avatar, and placing a market order.

Memo key - Don't bother with that one too much

Owner key - The owner key is only meant for use when necessary. It is the most powerful key because it can change any key of an account, including the owner key. Ideally it is meant to be stored offline, and only used to recover a compromised account.

If you use Hive Keychain when enter your keys and it will select which one you have to use depending on the situation. For most beginners and this is the option that we would recommend.

Conclusion

Feel free to ask your questions below about how to secure your keys or any other security related questions that we haven't thought about including in this article.

Sort:  

Very good write up and very informational, anyone new please, please for the love of block chain awesomeness, BACK UP YOUR KEYS.

Also watch when copying your private key or any other key for that matter, it used to happen all the time on steemit, people actually posted there keys, either in the memo field by accident, or in a post itself. BE VERY CAREFUL. If you make this mistake, have some one you trust and get the fund off your blog right away and sorry but at that time it's time to start over.

Take the precautions, this has to be the best post for help I seen all day. Good job!

  • Michael

If anyone has just switched over to Hive from Steem. I would also recommend to change you recovery account from steem to something else. This would be one option https://peakd.com/hive/@arcange/introducing-hive-account-recovery.

Yes very true. I expect the majority of people that we are inviting to be brand new. So they don't need to do this. Right?

Yes new accounts do not necessarily need to do this. The recovery account is usually the account that created the account.

Congratulations @hive-134567! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :

You received more than 700 upvotes. Your next target is to reach 800 upvotes.

You can view your badges on your board and compare to others on the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @hivebuzz:

HiveBuzz - Hive Gamification Experience
Vote for us as a witness to get one more badge and upvotes from us with more power!

STOP

Notifications have been disabled. Sorry if I bothered you.
To reactivate notifications, drop me a comment with the word NOTIFY