Hello Everyone
Welcome to Steem. When I first started with steem, I found myself very confused. Why do I have so many keys and what should I do with it.
I bet as with everyone I started to use the password given to me by Steemit to login and out of Steem. It was only weeks later when I start to learn more about steem that I realized I am doing a fatal mistake.
Thus, I plan to let as many new steemian know about this as early as possible.
Super Powerful Private Owner Key / Master Password
After much research, I learned that the private owner key or also known as the master password has a very powerful role.
It can essentially change your other keys. More about the keys later. This means that any person who gets hold of your master password can lock you out of your own account by changing the master password.
Once that happen, don't expect steemit to help you recover your account. The private owner key in crytocurrency lingua is like your Bitcoin's private key. Once somebody gets hold of it, he controls the fund in the account.
The beauty of blockchain is that there is no Central authority, so in essence, there is no one central figure that can ban you from your account. But because there is no Central authority, there is also no Central authority to recover your account if it gets stolen.
Thus, keeping safe the private owner key or master password is solely your responsibility.
How to Keep Your Private Owner Key or Master Password Secure
First rule is to not have a digital copy of it anywhere. So, the best is to print multiple hard copies of the master password or owner key and keep them safe.
One hard copy can be placed in your portable safe at home. Another hard copy can be placed at the bank vault.
Also, do not put your steem username on the hard copy. This way even if the thief got your hard copy, they find don't know your username. Make sure do not put the word steem on it so they won't even know what it is for.
You can also insert an extra letter at the end or at a predefined position by you. This will throw off the person who got your hard copy owner key. When you have to use it, just cancel out that extra letter when keying in.
After keeping it safe, you won't be using the owner key or master password anymore anytime soon.
So, Without the Owner Key, How do I Login?
In Steemit, if you are just posting blogs, voting and commenting, you can use the private posting key in logging in. Using this key, you don't have permission to your wallet. Thus, for me, it is the safest key to login. You can get your private posting key and private active key by going to your Wallet > Permissions > Show Private Key.
From time to time, you would need the private active key to transfer steem to steem power, or to withdraw steem. During these times, you can login using the private active key. After your session, remember to logout.
For extra security, you can power up all your steem to steem power or to savings. When it is in steem power, you won't be able to withdraw it without a 3 month notice. With savings, you need a 3 days notice. Thus, even if the thief got your active key, you would know something is amiss when you see your steem power is being withdrawn. You can then use the owner key to change all the keys.
Conclusion
To keep your steem account safe, make a hard copy of your private owner key / master password and shred all digital copy of it. Only use the private posting key and sometimes the private active key in logging in.
-----------------------------
The New to Steem Series is a series of helpful guides to help those who are new to steem. With the large ecosystem of steem, it is becoming hard to comb through the documents in steemit to know which are important and which are outdated.
When writing this series, I put myself as much as possible in the position of a person new to steem and new to cryptocurrency in general. If you have any questions, feel free to ask me anything.