Tutorial: Hive Account Security

in #hive4 years ago (edited)

Account security is more important than ever since we are on Hive now. This is because Steem is now a centralized blockchain and thus not to be trusted anymore. I know a few of you have a different view on that and would argue that it's not centralized but that's not the point. You never know if Steem (or your Account there) gets corrupted. Using the same Keys twice is a security risk by itself. That means, if you own a Steem account and you migrated from there, it is highly advised to change your Keys in Hive!

This Tutorial shows you a secure way to make your new account safe. I will use Steempeak and PeakD for this tutorial but you can also use other Frontends. Menu Names may vary a bit in that case but you should still find what you are searching for.

Hive Account Security Tutorial.png
Image: Made by @remotehorst23, License: CC-0

Before you Proceed:

I assume that your device is secure and trustworthy for this Tutorial. If you have a big wallet or you have concerns that your Device is manipulated, please be sure to run intense Scans with your Antivirus Software at least, because it could be possible that you have Key-Loggers or other kinds of Trojans installed!

This may sound paranoid for many of you, but device security should not be taken lightly and you never know what really happens inside your device. The more security you want on your device, the more paranoid you should be. It's up to you. ;)

To be 100% safe, you can also install a new OS on a new or fully formatted (overwrite the MBR) Harddrive. Be sure that all the Memory is emptied before you install the new OS. Install Anti-Virus Software and Tools like No-Script for Firefox before proceeding or installing anything else. Also Setup your Firewall.

In this tutorial, you can use your Printer to print out your keys. It is advised to not use WLAN for your devices (only use WLAN if you are sure that the encryption is high enough, and the WLAN Keys are changed on a regular basis). Its always better to have your devices connected with a (LAN) cable.

If you really want to use your Smartphone, be sure to only use the relevant Keys and never use your Master or owner key with them! I suggest to never use Smartphones for Crypto Accounts because they mostly have low security and also the security software for them is not working well or even counterproductive for your device! When you have no more concerns about your Device Security you can go to the next step.



1. Backup your Keys from Steem

This step is important, because some users may already changed their Keys before and forgot about it. To not get panicked when accidentally using the old keys, we safely store these Keys before we go to the next step.


First, you need to login to your Steem account and in the top right of your profile header you click on "Actions" and then on "Keys & Permissions".

Steempeak keys and permissions.JPG

Then you click on "Reveal all Keys" located on the bottom of your screen. You will be asked to input your Master Password. After that, you will see all of your Keys. Copy them to a Textfile and save it. In case your Computer has Data Loss now (maybe because of a blackout or hardware failure, you never know), be sure to print or write down these Keys. Double-check if you write them down! Don't forget to write down their Names (Steem, Posting Key, Private Posting Key, etc.).


2. Set Recovery Account

Login to Hive with your old (steem) Password. Then again you go to "Actions", "Keys & Permissions" and then to "Recovery Account". If you only see "@steem" as Recovery account, you should change that and find somebody to trust.

If you have no one you can trust and you really need a recovery account because of your big wallet, you should create a second account by yourself and store these keys in a second safe (maybe in your bank).

You can set up a Recovery account if you know someone on Hive you can trust. This Account is needed in case you lose access to your Account because you cant simply get a new password if you forgot or lose it. It takes one month for the (new) recovery Account to be activated.

Change Keys on Hive

On the same page you will find the Menu "Change Password". Read that page carefully before you proceed.

Reveal all keys.JPG

If you understood everything, click on the Checkbox and paste your Steem Owner Private Key. Now the "Generate new Password" Button is available and if you click it, your new Keys will show up. Print them out and store the Paper in a secure place (like your safe or a secret stash).

Also copy-paste the new Keys to a Text file for easy setup of your Login Tool like Hive Keychain for Firefox. Now that your Hive Keys have changed, you cannot log in anymore with the old keys. After Setup of your Login tool like Hive Keychain, the Keys will be encrypted with a (more simple) Password of your choice, you can try to log in with the Tool. Be sure that this Tool Password is secure enough and not easy to guess! Use special characters, mix Numbers with small and capital letters and use at least 8 characters. Use a Password that you never used before and create a backup of that too in case you forget it.

If you created that Password and set up your Login Tool, try everything out. Send a small Transaction on Hive, leave somebody an Upvote, write a Comment and select a Witness. If everything works, and you made a paper (and/or USB) Backup of your Keys and the Password for Keychain you should delete your Textfile with the keys.

Congratulations, your Account can now be considered secure!

If you noticed that something is wrong or misleading in that Tutorial, please let me know!
If you find this Tutorial helpful and want to share it with your Twitter / Hive users, here is my Tweet about it.

You are free to translate this Tutorial with the Images in any Language if you want to.

This tutorial should help people with their account security. However, I take no responsibility for the correctness of this tutorial or the security of your account!

Sort:  

Thanks for sharing your creative and inspirational post on HIVE!



This post got curated by our fellow curator @tibfox and you received a 100% upvote from our non-profit curation service!

Join the official DIYHub community on HIVE and show us more of your amazing work!

Thanks! And thank you @tibfox.^^

Excellent post.

Cryptocurrency security is key because if we lose our coins, there is no getting them back.

Thanks. Following.

Thank you for your feedback and the follow! :)

I really was a little concerned that I missed something or had something wrong in the tutorial. But I also made these steps by myself before writing the tutorial so it should work for others too.

Very important post. Thank you very much.

Liebe Grüße Michael

!invest_vote
!jeenger

@mima2606 denkt du hast ein Vote durch @investinthefutur verdient! ----> Wer ist investinthefutur ?
@mima2606 thinks you have earned a vote of @investinthefutur !----> Who is investinthefutur ?