Online Security & Recovery Accounts

Online Security & Recovery Accounts - Newbies Initiative task no.3

Hello Hive Learners,

The time has come to talk about the safety of your accounts, hacking, and how to set up a recovery account.

Let’s start with some basics of online safety (regardless of what type of account it is and whether it’s web2 based or it’s a web3)

The basics of online security

Hive divider

The strength of passwords

If you use a password that contains only numbers, and it has less than 8 of them, it can be done instantly. If you use only letters (and they have less than 8) it can be done in a couple of hours. However, if you mix 8 letters and 8 numbers and you add some special symbol like ?, !, *, etc. it takes more than 150 trillion years. If you have more than 18 characters in total (a mix of letters, numbers, and special symbols) it takes more than a quadrillion years to crack it (with current hacking equipment). *My question to you is, what type of passwords do you use?*

One account, one password

Additionally, one more piece of advice that is often given to online users is not to use the same password for multiple accounts. The reasoning behind this is pretty simple if some hacker wants to get into your accounts and use the same password for your e-mail, bank account access, and social media platforms - then you make it super easy for them to access all of these things, and take ownership of all of your online accounts. Therefore, be wise and use multiple passwords that have at least 16 characters (a mixture of letters, numbers, and special symbols).

Keeping your passwords safe

One more piece of advice that is worth mentioning is to always store your passwords offline. The more accounts you have, the more passwords you will have. It is not possible to memorize all of them, especially if they have more than 16 characters each. I understand that is super easy to have them in a document from which you can easily copy-paste, however - if someone hacks your computer you can say goodbye to all your accounts because the hacker will do the same copy-paste you were doing. In order to prevent this, it would be best to write your passwords on a piece of paper, or a notebook and have them safely stored, in a place that no one knows or would ever think to look (a drawer with socks is not the best hiding place)🙂

For the reasons mentioned previously, our “passwords” for Hive (aka key) all have a whole bunch of alphanumeric symbols as well as special characters in a random order that have logical sense. It would take gazillion years to crack or hack. That makes our accounts very safe unless you have them saved in a document on your computer, in your e-mail, or anywhere else with Internet access. If that is you, write them down on a piece of paper, make sure to double-check everything is well written and delete your document or e-mail forever. Or better yet, make new passwords, write them on a piece of paper, and don’t use the old ones, only the new ones you have generated, and keep them offline.

Hive divider

Possible causes resulting in your account being hacked

As mentioned before, one possible cause is to have a weak password. Another possible cause is to lose your password or keys and someone finds it and uses it against you.

Besides these two types, we also have:

Malware - it is the most common and it includes malicious software that enters the device you are using and can control your device, steal information and documents, monitor the passwords you use when typing, etc. It most frequently enters through a download of the software (email attachments are the most frequent types). Some of the famous malware are Trojans, Worms, Spyware, and Adware.

Phishing attacks - they normally include e-mails that seem to arrive from a trusted third party and they are used to extract sensitive information from you (e.g. passwords or other personal information). Sometimes they include links to “official websites” where you may introduce sensitive information or it can have malware that will automatically download to your device.

Cookie theft - is very common when a person uses an unprotected network or Wi-Fi, public Wi-Fi, or cybercafe are often targeted for this type of hack. When we use them cookies that contain browsing history with our usernames and passwords are being sent through the hacker’s system in order to extract this information.

There are many other ways of hacking that professionals use to obtain our sensitive information so we must stay vigilant in order to protect ourselves.

Hive divider

Hive Keys

When talking about our “passwords” on Hive, we talking about a set of 5 keys: Master, Owner, Active, Posting, Memo

The master key is the main one and it’s the most important one. With it we can generate new keys if it will be necessary, we can also edit the keys we have.

The owner key is used for the recovery of an account or to change the keys

The active key is used for approval of actions that include the transfer of Hive, e.g. powering up your Hive account, buying and selling of tokens, staking, etc.

The posting key is used for writing posts, commenting, and voting. It is the key we will be using most frequently.

The memo key is used for the encryption or decryption of messages on the Hive blockchain.

Here is an example of keys you have and how they look (remember to keep them safe and don’t share them with anyone).

Example of keys

If you don’t know what your keys are and you have access to Peakd, you can easily go to “Wallet” which you can find in the top right corner where your thumbnail and name are located.

Peakd, wallet

Once inside your wallet, press on “Account Actions” and select “Keys and Permissions”.

Account actions - keys and permissions

Once inside, at the bottom of the screen, you will have the option to “Reveal All Keys”. In order to do it, you will have to use your Master key. For security reasons, I will not show you how it looks once you reveal them (but it looks similar to the picture above where you can see an example of the keys).

Account keys

Hive divider

A Recovery Account - what is it and how to set it up?

What is a recovery account?
A recovery account is a different account than yours that help you restore yours in case it gets hacked. With it, you can change your keys within 30 days of your account being hacked.
When opening an account we are automatically given a recovery account, however, it is advisable that we change it to our second account or if we don’t have one to a person we trust.

How to set up your recovery account?
In Peakd, in the same place where we can see our account keys, we can see another tab called “Recovery account”. In this tab, at the bottom, we can see two options (buttons). We will use “Change recovery account” for this setup.

Recovery account, step 1

Once we have selected “Change recovery account” we will add the username of the person we trust and we can reach out to in case of emergency we add our owner key and we press the “Confirm” button.

Recovery account, step 2

Finally, we can see the change being put into motion and it will take effect in 30 days. We should see an image like the one below. With that, we will be certain that all the steps were done properly.

Recovery account changed

I hope you have learned something new regarding your account safety and that you will put this measure into force in order to protect yourself. Stay safe out there! 🙂

^{The first image (the thumbnail) was created using Canva.com

The second image is a screenshot of the keys that one would obtain if they are to open a new account with LeoFinance

All other images are screenshots from Peakd

The dividers used in the text are the property of ThePeakStudio}

Online Security & Recovery Accounts - Newbies Task 3

The basics of online security

Possible causes resulting in your account being hacked

Hive Keys

A Recovery Account - what is it and how to set it up?