Suggestion for Steemit : Securing accounts with your identity

in utopian-io •  7 years ago  (edited)

Problem

The feeling of insecurity you get when using/storing your Steemit passwords and knowing that if you loose or compromise your keys it will be hard to get your account back as the current recovery service isn't bulletproof and doesn't work every time.

This will just get worse in the future as the price of Steem and our accounts go up we will become a prey for hackers and malicious users trying to get your keys in any way possible.

We already seen some phishing attempts trying to do that with a fake Steemit or SteemConnect website. This is just the beginning of what we will see much more of in the future and we need a way around it.

What we need is another layer of protection that goes beyond what currently have with our passwords. A way to secure our accounts and an ability to recover them every time we need it. A layer of trust and security to ensure users their accounts will always be safe.

Solution

A service that allows you to connect your Steemit account to your identity.
image.png

The process would be as simple as the solution

  • Take a selfie and a picture of your ID card
  • Initiate the verification process by sending 0.001 SBD to the service provider with a memo ( Verify me + your username + email)
  • The provider would then send you a memo on Steemit and wait for your response via email
  • You would then send an email (which must be the one mentioned when initiating the verification process) with the memo given on Steemit and your images (selfie and ID card)

Viola, your account is now secure,bound to your identity and you can easily recover it whenever you want!

So if you God forbid happen to lose your password or get hacked you could contact the service provider and go through the process of recovering your account via email.

The process would be the same as verification but would go only via email as you no longer have the control of your account.

  • Send a mail explaining your issue ( hacked/lost your keys or whatever), initiate the recovery process
  • Take fresh pictures of yourself + ID card and send them via email

Bing!

You get your passwords and can keep Steeming as long as you have a camera to take a selfie and an ID card or any other form of verification that has your picture on it.

  • This is a much needed add-on to the Steemit ecosystem as it provides security to account owners that they don't have right now but would most definitely want to have in the future.

  • I'm hoping that someone actually takes the time to create such a service and make our lives much easier and with less paranoia over account security/protection.



Posted on Utopian.io - Rewarding Open Source Contributors

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

I really liked this idea, and support it fully.

In my opinion, it is one necessary step we need to take before mass adoption :)

One suggestion. Instead of using third party verification maybe we can develop a dapp that uses facial recognition instead. I would prefer to keep the ecosystem as trustless as possible.

That would take too long. We need something now because we will get mass adoption soon. People need to be secure about their accounts especially when they have money invested.

That's a great idea, I really hope someone adds that kind of feature to this site. It would sure save a lot of heart ache for those who get hacked, or simply lose their password key. Especially because I'm highly prone to losing my key! :)

So long as there is an option to verification without photo ID, I'm game. I think people should be given a choice to remain anonymous which is my preferred option. Peace.

You will always be given a choice but I don't see a problem in giving your id to steemit or a trusted service.

I have a problem with google and other giants that collect data for their personal profits. Also how they listen to our EnslavementPhones for the same reasons

Nope. I would much rather have 2FA than giving one more service my documents.

Agreed - this whole movement is about decentralization. Although, many who were early to crypto lost out from Gox or phishing attacks etc... Perhaps we could be given the option to verify identity, or use a decentralized identity service like Uport once seamless integration is possible.

  ·  7 years ago (edited)

I don't see a problem in it.

That's also a good solution. Haven't thought about it as I don't use it that much.

Maybe we can get both and users can decide how they want to secure their accounts further.

Oh man :) You should. With recent processors hacks disclosed. I would not sleep calmly if I didnt have 2FA on everything valuable.
One virus and you are rekt.

I don't use any apps or sites other than steemit that I would care for if I lost my keys.

No exchanges? No other social networks? Google?
Are you a unicorn?

I only use exchanges for short transactions and never keep money there. I'm not on other social networks and don't care much about google.

I must be then :)

Thank you for the contribution. It has been approved.

You can contact us on Discord.
[utopian-moderator]

Your contribution cannot be approved because it does not follow the Utopian Rules.

You can't hide private information on a public Blockchain.

You can contact us on Discord.
[utopian-moderator]

  ·  7 years ago (edited)

I'm not sure what you mean? I never said it would be stored on a blockchain.

It's true that a steemit account would be needed for creating and sending memos for users requesting verification. But I didn't say it would be stored on the blockchain, where did you read that?

How will you store the private information? I mean, the idea is very good. Especially for Utopian due to the fact we have lots of alt accounts and spammers, but when you think over it... It can't really work.

Having an extra account where you send SBD and your information just increases the chance of a potential leak.

  ·  7 years ago (edited)

Why couldn't it work? We would need a trusted service like steemconnect and a system to keep the information private. I'm sure that there is someone that can pull this off while you are pulling me down.

I'm not that techy to know how would the information be stored so I didn't mention it (that's what the devs are for and I'm not one of them :) but I'm sure that there is a way around it.

I will change your suggestion to approved, I mean... It's something that can be improved on. But it is not possible to make it open-source which will lower credibility, mostly.

Hey @runicar I am @utopian-io. I have just upvoted you!

Achievements

  • You are generating more rewards than average for this category. Super!;)
  • Seems like you contribute quite often. AMAZING!

Suggestions

  • Contribute more often to get higher and higher rewards. I wish to see you often!
  • Work on your followers to increase the votes/rewards. I follow what humans do and my vote is mainly based on that. Good luck!

Get Noticed!

  • Did you know project owners can manually vote with their own voting power or by voting power delegated to their projects? Ask the project owner to review your contributions!

Community-Driven Witness!

I am the first and only Steem Community-Driven Witness. Participate on Discord. Lets GROW TOGETHER!

mooncryption-utopian-witness-gif

Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x

Hey. Can you tell me what is my fault?

Leaving a spammy comment, expecting to get rewards.

I m not giving you a spammy comment. I was read your blog full.then it seems to me helpful all steemians even me. Thats why i was wrote helpful article. I was not post same comment on others blog. Then How it will be a spammy comment? Would you please explain me? It will help me in future.

its really helpfull idea...most of steemian are suffer insecure..thanks for sharing

Steemit should work on it! This is a brilliant idea yo!

I don't understand this proposal. You want a third-party to store your passwords?
Regardless, even if there is an extra layer of protection, if someone else gets your master password and changes it, you have no means of recovering your account as far as I know.

No I want to be able to tie my account to my IRL identity and if keys are lost the third party would be able to restore them when you prove that you are the rightful owner.

A third party can only restore the keys if they are in their possession, right? That's my concern.

My worry with it is, with the concern of hackers and malicious users, instead of stealing your account, they steal your identity. I'm all for increased verification and security, but I would personally prefer not using my ID.

That's why it would need to be done securely, I'm sure there are steemians that are able to make this happen.

  ·  7 years ago Reveal Comment
  ·  7 years ago Reveal Comment