When a user utilizes the new "reset password" a warning pops-up informing the user that the back-end noticed the change in security keys. This is an excellent alert and great functionality update.
With that said, I did the pop up alert even though I did personally provoke the action and reset my keys in the process. I could see this being a bit confusing to many users. Perhaps not early adopters but users less familiar with security concerns with crypto.
Here's my recommendation:
Without adding a bunch of additional logic updates(tons of items on the plate i'm sure) that would cross reference the IP etc, changing the verbiage would be a nice improvement.
"If you recently reset your password at(timestamp in strftime, example: Thu, 21 Jul 2016 02:39:19 PST) this alert was most likely prompted by this action, otherwise your immediate attention is needed"
@originate okay, this looks pretty cool, I hope this helps other users
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This really helped me, thanks @originate
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Completely agree, this UX tweak would be helpful prevent some users from being startled!
On a semi-related note, while we are talking about the intersection of UX and security, I wrote a walkthrough targeting any user that wants to set up a password manager with 2FA. Check it out here:
https://steemit.com/steemit/@robrigo/security-how-to-how-anyone-can-avoid-losing-access-to-their-steemit-account-with-lastpass-and-duo
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
There is good news, with all the security updates it is hard to imagine that this will come up often and be legit.
I'm on the dev team, so I will update the message though and do my best to get everyone to keep it in the new security model support it. I believe this is a valuable addition to our security model..
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This is why I love Steemit. The personal touch goes a long way. Huge props jsc.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Absolutely. The phrasing "your password lost ownership" is a touch vague.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thanks a lot, I wrote that... LOL You're right, I should not assume people understand ownership. I'm busy thinking about a number of things at the same time. Sometimes the insanity in my thoughts leaks out..
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Thanks @condra exactly my thoughts.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Agreed. I individually changed each of my passwords after the hack was over, and then a few days later this warning popped up and made me question if I should change them again.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
This is an excellent point to bring up. Great post!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I saw that yesterday as well. I was scared there for a second. Then I realized it was popping up as a result of my password change. What made it a little more confusing to me was that it popped up A WHILE after I changed my password.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
To clarify a bit for those that are new to STEEM I will add this detail.
When STEEM pays out 1 $ worth of rewards (whether from posting, commenting or upvoting) it simply creates the new units "out of thin air". This has the effect of diluting everyone's STEEM holdings since the supply has increased but your personal wallet's balance has not.
The way to protect yourself from this dilution is to Power Up.
What does this do you might be axkin '?
Well, for every 1 $ worth of STEEM created to pay for content & curation there are 9 $ worth of STEEM created to send to those that have powered up.
So you should only hold STEEM if you are planning on selling it, or sending it to someone. Do not hold it for a long time since it is being diluted little by little by everyday's payouts.
Power it up and you will lock in your value.
Hope this helps complement the main post!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit