As our accounts grow in value, so does the chance of malicious users gaining control and emptying them out, before we can regain control. We've seen it happen many times before with the countless phishing scams through Steemit clones. Many users lost even more STEEM/SBD. A friend of mine lost a lot and it made me think about a solution. Being on a platform with so many talented devs I decided to make a task request with a 50 SBD bounty for the first one who creates an anti-phishing browser extension for everyone to use. @quochuy made the best solution Steemed Phish. Read more about it here and download it for Chrome here.
That said, let me tell you how I store my passwords.
Yes! I memorized my passwords. And no, I did not change the generated passwords with simpler ones. Again no, I do not have a photographic memory. Anyone can memorize their passwords. Easy.
The way to do it is to write them down on a piece of paper. Repeat a couple of times and hide all of them around your house except the one you will be using for when you will need to input the password. This is the best, and most safest way to store your passowords. REMEMBER: A password is never safe if in digital form, so write them down!
Depending on your mental capacity and how often you actually use your passwords. After a couple of weeks to a month you will already be able to remember most, if not the entire password off the top of your head. Make yourself remember. Try not to look at the paper when inputting it and try to remember as much as you can. If you get stuck and can't remember, see which part is bothering you the most and try to remember it for next time.
It generally takes me up to a month to remember one generated password with upper, lower case letters and numbers. My memory is nowhere near the memory of an average humab so, I bet you can do it in two weeks.
In a couple of years a 100 SP accounts will be targets as they will be worth upwards of 1000 USD so, better start caring about your passwords now, and start storing them offline, before it's too late. You will thank me later, when you won't need that piece of paper to input the password. Then you are safe! If there are no keyloggers or other malware infecting your machine, of course. Not much can save you from that.
TIP: get a good anti-virus software. 360 Total Security is a free anti-virus that has been doing wonders for me in the last couple of years. Try it out if you don't want to spend money on a paid one.
.png)
I have also been thinking about this more often as well. While I don’t think I have that mental capacity to memorize a secure password, I have tried to come up with phrases that help me remember some. I have also heard that it is a good idea to change the passwords here often as well so that is a lot of memorizing needed.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Trust me, you do. My memory is literally fucked and if I can memorize it, anyone can. It's just a matter of repetition. It will get into your muscle memory. Your fingers will just automatically hit the right keystrokes. Just give it some time.
Yes, I changed my pass 3 times already. I try to challenge myself to memorize them asap but usually it takes up to a month.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I am actually working on a web wallet for Steem called SWW, basically, you can use an easy to remember password to hashed your real active key (similar method like how lastPass and vessel store your password), and you can only access the account with that password that you set (no server involved, all transactions signed locally). Still in development, but it is working prototype right now.
https://swallet.netlify.com
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Damn! You’re hardcore!
I initially thought you were going to talk about @yababmatt’s Steem Keychain Hate putting private keys into websites? Introducing Steem Keychain! or the use of something like Lastpass.
But yes, I get your point and you’re right, your technique is the safest.
Posted using Partiko iOS
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Well, I never liked keeping them online so when I realized that I can actually memorize them relatively quickly after inputing them many times. I came to a conclusion that there is no real need for other solutions.
I've seen the keychain and tried it but I still prefer my way of going about it. The keychain makes you set a pass to access your keys. That's an issue because users will just set a simple pass for it, making it vulnerable.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I tried it couple of days ago and it forced me to use some stronger password with upper/lower case, digit and other rules.
Posted using Partiko iOS
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
That's great. Good preventive thinking by @yababmatt. Maybe I'll start using it and set half of my active key as the password :D
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I wrote myself a software to crypt them. It uses a common algorithm and 2 passwords unique for every service to salt them in a way i memorized.
Even if i don't have the software with me i can always use online encrypters to reconstruct them. I only need to remember the salt and the pattern
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
That's awesome! Did you ever have problems remembering the salt?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
nah, thats always something that comes up in my mind as soon as i think about the service/page etc. like common memes, some sayings my friends use and so on. like "fagbook" for facebook, i usually also use 1337-speech for that from time to time.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
That is interesting. I wonder however if the risk from keyloggers when physically typing is greater than cutting and pasting from an encrypted password bank? What are your thoughts on this?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Good question. The risk is always greater when typing imo. Basic keyloggers shouldn't be able to get through the encryption.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Yep cant eliminate all risk unfortunately.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
wow!!
You memorised the 52 characters
Kudos to you
I can't even remember my kids' names sometimes ..jk
But really, you make it sound so easy.
I think we are spoilt thanks to all the gadgets that remembers everything for us
But you are absolutely right
Someone once thought me to change a couple of the characters but of course you have to remember the ones you changed...
Thank you for sharing @runicar
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
As mentioned, my memory isn't good at all. THe first time I memorized it was accidental. I typed it in so many times that I could type it just from muscle memory alone. Didn't even need to remember the characters. My fingers just fell in the right position.
After that I changed it to challenge myself.
If can do it, anyone can.
Thaks for stopping by and appreciating my thoughts @kaerpediem
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit