Wouldn't using a registered email address be the optimal way to go for Steemit account recoveries?
In addition Steemit should implement some sort of confirmation email that has to be acknowledged if a user wants to transfer SD or SP out of the account. This would ensure that not only does the hacker need to compromise a users Steemit ID/Password combination but they also need to compromise a users 2FA protected email account. This would prevent 99% of all thefts. Not hard to implement and very secure, it is considered an industry best practice.
@smooth to the best of your knowledge is anything like that being planned? With Steemits explosion in the last 2 weeks there are some significant funds to protect.
Curious why this is not the direction Steemit went since its an industry standard and works very well.
i think the best for register is using email with required facebook or reddit.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Facebook or Reddit is great for confirming ones identity but for account recovery a 2FA (two factor authentication) protected email account would work best IMHO.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
yes, thre is the best (before our account was hacked) like yesterday..
so many user with high balance was hacked.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
One issue with submitting a recovery email is that you will be leaving your email out in the open for anyone running a Steem node to see. The Steem blockchain is public and open to anyone...I wouldn't add an email to a public blockchain where it could be sold to spammers.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Should be a way to hash it somehow.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit