create account
Next hardfork scheduled for: Tue, 25 Sep 2018 15:00:00 UTC () -- releases


advanced mode

How are you login in? by meno

View this thread on steemit.com
View on official site
· @meno ·
$4.34
How are you login in?
<div class="text-justify">
Of course as a Steemian I've done my best to bring people to the platform. I've invited friends, friends of friends, relatives and of course family. My intention has been at all times to bring them into the fold, show them what this blockchain can do, what the cryptocurrency revolution is all about. But sometimes, I've failed to say some basic, basic things.

<center>
<img src="https://blog.mozilla.org/wp-content/uploads/2016/09/Cybersecurity.png">
</center>
<h1>How did you just log in?</h1>
And so it happened, my brother in law @knightly who has been here for some months now, mainly as a quiet account who wanted to speculate on the who crypto craziness. He bought some tokens to give it a whirl, made some posts, and soon learnt that he could put his SP to work passively.

Being someone who has very little time to blog himself, he decided that this would be the best move. Maybe because of that, I did not explain some basic things, and maybe that is my fault. 

Today, he logs into to his account and we see that all his liquid funds, the one's he had been collecting from his small delegation are gone. All gone, seven days ago to be precise. 
<center>
<img src="https://ipfs.busy.org/ipfs/QmaJ5b2arDmLLRgzr28LimcZK7h17xCDf6vh333zQbh17Y">
</center>
The thief or thieves, because it could be more than one, even tried to power down the account right before it stole the funds. I think he/she gave up because it was going to take too long to extract the amount, and maybe it was not worth it. 

We are sitting there scratching our heads, How did this happen? How would anyone have access to the account? Of course, right away I made him change the master password, safeguarded and what have you, and then he logged back in, and then I noticed it.

<b><i>"How did you just log in? with the master password?"</i></b>- Yes, that is a big and I do mean a big no no. Now, I still don't know how the active key got copied, or if the master password was compromised. I doubt it, since they would have changed the master password right away, but it reminded me of this little security tip we must all know.

Never and I do mean <b>never</b> log in with your master password. Use your posting key, and then your active for financial transactions. In other words 99% of the time you should be using your posting key and that's it.

So, lemme ask you... How did you just log in?
</div>
https://steemitimages.com/DQmW2fijoxrybX3Kg83HCgZZmZwF8SujXWvr3tn8YCUPCsw/meno%20logo.png

πŸ‘  , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
json_metadata{"community":"busy","app":"busy/2.5.6","format":"markdown","tags":["steem","steemit","besafe","besmart","busy"],"users":["knightly"],"links":["/@knightly"],"image":["https://blog.mozilla.org/wp-content/uploads/2016/09/Cybersecurity.png","https://ipfs.busy.org/ipfs/QmaJ5b2arDmLLRgzr28LimcZK7h17xCDf6vh333zQbh17Y","https://steemitimages.com/DQmW2fijoxrybX3Kg83HCgZZmZwF8SujXWvr3tn8YCUPCsw/meno%20logo.png"]}
created2018-09-12 18:37:27
active2018-09-13 14:33:03
last_payout2018-09-19 18:37:27
depth0
children18
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value3.747 SBD
curator_payout_value0.588 SBD
author_rewards4,977
net_votes99
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation76,038,055,539,105
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (99)

vote your-acct "meno" "how-are-you-login-in" 100 true
post_comment your-acct "re-meno-how-are-you-login-in-20180925t135722510z" "meno" "how-are-you-login-in" "" "your reply.." "{}" true

View on official site
@elsiekjay ·
$0.02
OMG that is devastating! I am not even feeling paranoid with my account. I never really thought about it until now, thank you for the tip Meno!
πŸ‘  
json_metadata{"community":"busy","app":"busy/2.5.6","format":"markdown","tags":["steem"],"users":[],"links":[],"image":[]}
created2018-09-12 18:44:00
active2018-09-12 18:44:00
last_payout2018-09-19 18:44:00
depth1
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.019 SBD
curator_payout_value0.001 SBD
author_rewards26
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation42,079,820,190,078
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "elsiekjay" "re-meno-how-are-you-login-in-20180912t184311637z" 100 true
post_comment your-acct "re-elsiekjay-re-meno-how-are-you-login-in-20180925t135722512z" "elsiekjay" "re-meno-how-are-you-login-in-20180912t184311637z" "" "your reply.." "{}" true

View on official site
@cryptoandcoffee ·
$0.02
We must all remain vigilant. Is there a procedure one should know about if shit happens. Who does one contact etc. Maybe there is another post for you lol.
πŸ‘  ,
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 18:52:00
active2018-09-12 18:56:24
last_payout2018-09-19 18:52:00
depth1
children2
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.022 SBD
curator_payout_value0.000 SBD
author_rewards30
net_votes2
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation7,091,454,405,452
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (2)

vote your-acct "cryptoandcoffee" "re-meno-how-are-you-login-in-20180912t185157597z" 100 true
post_comment your-acct "re-cryptoandcoffee-re-meno-how-are-you-login-in-20180925t135722513z" "cryptoandcoffee" "re-meno-how-are-you-login-in-20180912t185157597z" "" "your reply.." "{}" true

View on official site
@meno ·
if your account gets stolen, there is a recovery method, I can teach you if need be, but there are plenty of posts about it. 

However the main thing here is, use your posting key.. not your password.
πŸ‘  
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 18:54:06
active2018-09-12 18:56:24
last_payout2018-09-19 18:54:06
depth2
children1
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation76,038,055,539,105
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "meno" "re-cryptoandcoffee-re-meno-how-are-you-login-in-20180912t185414333z" 100 true
post_comment your-acct "re-meno-re-cryptoandcoffee-re-meno-how-are-you-login-in-20180925t135722514z" "meno" "re-cryptoandcoffee-re-meno-how-are-you-login-in-20180912t185414333z" "" "your reply.." "{}" true

View on official site
@cryptoandcoffee ·
I do only use my posting key .Thank you.
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 18:56:24
active2018-09-12 18:56:24
last_payout2018-09-19 18:56:24
depth3
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes0
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation7,091,454,405,452
promoted0.000 SBD
body_length0
reblogged_by[]

vote your-acct "cryptoandcoffee" "re-meno-re-cryptoandcoffee-re-meno-how-are-you-login-in-20180912t185623648z" 100 true
post_comment your-acct "re-cryptoandcoffee-re-meno-re-cryptoandcoffee-re-meno-how-are-you-login-in-20180925t135722515z" "cryptoandcoffee" "re-meno-re-cryptoandcoffee-re-meno-how-are-you-login-in-20180912t185623648z" "" "your reply.." "{}" true

View on official site
@apshamilton ·
$0.11
Great advice. This should be taught as Steemit 101.
Its very confusing when you first join, but this is critical.
πŸ‘  ,
json_metadata{"tags":["steem"],"community":"steempeak","app":"steempeak"}
created2018-09-12 19:01:36
active2018-09-12 21:38:45
last_payout2018-09-19 19:01:36
depth1
children1
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.102 SBD
curator_payout_value0.012 SBD
author_rewards136
net_votes2
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation1,013,757,467,831
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (2)

vote your-acct "apshamilton" "re-meno-how-are-you-login-in-20180912t190136512z" 100 true
post_comment your-acct "re-apshamilton-re-meno-how-are-you-login-in-20180925t135722516z" "apshamilton" "re-meno-how-are-you-login-in-20180912t190136512z" "" "your reply.." "{}" true

View on official site
@meno ·
very much so... problem is, that i dont see it ever becoming too different, so if it ever becomes easier, it would not be at a blockchain level, but at a front end that manages the whole thing easier. Now, is that safe? im not sure..
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 21:38:45
active2018-09-12 21:38:45
last_payout2018-09-19 21:38:45
depth2
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes0
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation76,038,055,539,105
promoted0.000 SBD
body_length0
reblogged_by[]

vote your-acct "meno" "re-apshamilton-re-meno-how-are-you-login-in-20180912t213853566z" 100 true
post_comment your-acct "re-meno-re-apshamilton-re-meno-how-are-you-login-in-20180925t135722517z" "meno" "re-apshamilton-re-meno-how-are-you-login-in-20180912t213853566z" "" "your reply.." "{}" true

View on official site
@onnovocks ·
$0.02
I log in with my posting key, but every time I do a financial transaction and use the active key, da kaput'r wants to update to the active key. If you are not careful and accidentally click on "update" instead of "don't update", the next time you log in, the Kaputer will be using the active key. At that point the thieves are one step closer to taking your mojo. Never use your master key, because if they get that, they won't take your mojo; they will take the account.
πŸ‘  
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 19:19:42
active2018-09-13 00:57:21
last_payout2018-09-19 19:19:42
depth1
children3
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.015 SBD
curator_payout_value0.005 SBD
author_rewards21
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation557,196,951,595
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "onnovocks" "re-meno-how-are-you-login-in-20180912t191942694z" 100 true
post_comment your-acct "re-onnovocks-re-meno-how-are-you-login-in-20180925t135722518z" "onnovocks" "re-meno-how-are-you-login-in-20180912t191942694z" "" "your reply.." "{}" true

View on official site
@h-p-oliver ·
I'm the last guy who should be offering tips, but I will anyway. Don't use your computers auto password fill in function. I work on a secure computer no one else uses, so I keep my Steemit passwords on an electronic sticky note on the screen and grab the one I need when I go to log in. No accidents that way.
πŸ‘  
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 20:11:51
active2018-09-13 00:57:21
last_payout2018-09-19 20:11:51
depth2
children2
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation2,575,964,280,825
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "h-p-oliver" "re-onnovocks-re-meno-how-are-you-login-in-20180912t201150658z" 100 true
post_comment your-acct "re-h-p-oliver-re-onnovocks-re-meno-how-are-you-login-in-20180925t135722519z" "h-p-oliver" "re-onnovocks-re-meno-how-are-you-login-in-20180912t201150658z" "" "your reply.." "{}" true

View on official site
@onnovocks ·
That wouldn't work for me, but is a valid method for those with only a few accounts. Thanks for thinking along on these issues. Greetings!
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 22:38:09
active2018-09-13 00:57:21
last_payout2018-09-19 22:38:09
depth3
children1
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes0
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation557,196,951,595
promoted0.000 SBD
body_length0
reblogged_by[]

vote your-acct "onnovocks" "re-h-p-oliver-re-onnovocks-re-meno-how-are-you-login-in-20180912t223809414z" 100 true
post_comment your-acct "re-onnovocks-re-h-p-oliver-re-onnovocks-re-meno-how-are-you-login-in-20180925t135722520z" "onnovocks" "re-h-p-oliver-re-onnovocks-re-meno-how-are-you-login-in-20180912t223809414z" "" "your reply.." "{}" true

View on official site
@h-p-oliver ·
I certainly don't use this method for all my accounts, only those where security seems to be of the utmost importance.
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-13 00:57:21
active2018-09-13 00:57:21
last_payout2018-09-20 00:57:21
depth4
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes0
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation2,575,964,280,825
promoted0.000 SBD
body_length0
reblogged_by[]

vote your-acct "h-p-oliver" "re-onnovocks-re-h-p-oliver-re-onnovocks-re-meno-how-are-you-login-in-20180913t005722736z" 100 true
post_comment your-acct "re-h-p-oliver-re-onnovocks-re-h-p-oliver-re-onnovocks-re-meno-how-are-you-login-in-20180925t135722521z" "h-p-oliver" "re-onnovocks-re-h-p-oliver-re-onnovocks-re-meno-how-are-you-login-in-20180913t005722736z" "" "your reply.." "{}" true

View on official site
@karinxxl ·
$0.02
Shitttt...totally bummer for him and a good wake up call for everybody who is not doing this as yet logging in with posting/active key!

Also scary that even small accounts are at risk!
πŸ‘  
json_metadata{"community":"busy","app":"busy/2.5.6","format":"markdown","tags":["steem"],"users":[],"links":[],"image":[]}
created2018-09-12 19:54:18
active2018-09-12 19:54:18
last_payout2018-09-19 19:54:18
depth1
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.015 SBD
curator_payout_value0.005 SBD
author_rewards21
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation6,620,897,569,681
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "karinxxl" "re-meno-how-are-you-login-in-20180912t195417402z" 100 true
post_comment your-acct "re-karinxxl-re-meno-how-are-you-login-in-20180925t135722522z" "karinxxl" "re-meno-how-are-you-login-in-20180912t195417402z" "" "your reply.." "{}" true

View on official site
@h-p-oliver ·
$0.02
Interesting. I may be the least tech savvy guy on the planet, but I got the message about which passwords to use and when to use them the day I got them. I can't remember where I saw the information, but it was somewhere on the site, probably in the FAQs. Has everyone read the FAQs? Somebody went to a lot of trouble to write them. There were probably reasons for that.
πŸ‘  
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 20:07:15
active2018-09-12 20:07:15
last_payout2018-09-19 20:07:15
depth1
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.015 SBD
curator_payout_value0.005 SBD
author_rewards21
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation2,575,964,280,825
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "h-p-oliver" "re-meno-how-are-you-login-in-20180912t200713823z" 100 true
post_comment your-acct "re-h-p-oliver-re-meno-how-are-you-login-in-20180925t135722523z" "h-p-oliver" "re-meno-how-are-you-login-in-20180912t200713823z" "" "your reply.." "{}" true

View on official site
@curatorcat ·
$0.02
It IS very confusing when you start... and you look at "permissions" and it seems like you have SIX passwords! *"What does what?"* I asked myself.

And it's not made easier by the fact that SteemConnect asks for different things, depending on which app/utility you are trying to access.

So yes, it's important to stay safe; thanks for the reminder!

Going to re-steem this.

=^..^=

Sorry to hear your brother-in-law lost some of his tokens...
πŸ‘  
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 20:10:24
active2018-09-12 20:10:24
last_payout2018-09-19 20:10:24
depth1
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.015 SBD
curator_payout_value0.005 SBD
author_rewards21
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation2,214,475,370,970
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "curatorcat" "re-meno-how-are-you-login-in-20180912t201021919z" 100 true
post_comment your-acct "re-curatorcat-re-meno-how-are-you-login-in-20180925t135722524z" "curatorcat" "re-meno-how-are-you-login-in-20180912t201021919z" "" "your reply.." "{}" true

View on official site
@lemony-cricket ·
$0.05
This is really important, but why should we have to evangelise this to fellow Steemians? Steemit Inc is actually being **negligent** on this by providing a loaded footgun to users.

When you design a user experience, you should design it in a way that discourages insecure practices. There is a proverb that goes "you can lead a horse to water, but you can't make it drink." A corollary is, "you can't prevent a suicidal horse from dehydrating itself, but you _can_ make it wait by  the river until it dies."

The fact that the Condenser application even _allows_ logging in with the master password is negligent as hell. When generating their accounts, new users should be instructed to write their master passwords down and _never_ use them again... and if they try, _it shouldn't work._ Extra points for forcing them through the password reset workflow after detecting the activity.

Crypto can't go mainstream until we make the necessary security practices understandable to Average Joe. We need to expect as little of Joe as possible. We need to assume that he's not only stupid, but _actively_ acting against his own interests, because social engineering makes that not only possible, but probable; not only probable, but **inevitable**. 

Then, we need to do what we can to empower him (in a manner as _brain-numbingly simple as possible_) to protect himself from himself.

I may make this into a post later. Without cooperation from Steemit and a massive security awareness campaign, an extremely large portion of the Steem userbase, possibly even a majority, is headed for complete disaster. **We are one keylogger epidemic away from a mass extinction event.**
πŸ‘  ,
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 20:48:36
active2018-09-12 20:48:36
last_payout2018-09-19 20:48:36
depth1
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.039 SBD
curator_payout_value0.012 SBD
author_rewards53
net_votes2
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation4,004,151,251,785
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (2)

vote your-acct "lemony-cricket" "re-meno-how-are-you-login-in-20180912t204833352z" 100 true
post_comment your-acct "re-lemony-cricket-re-meno-how-are-you-login-in-20180925t135722525z" "lemony-cricket" "re-meno-how-are-you-login-in-20180912t204833352z" "" "your reply.." "{}" true

View on official site
@rodneysreviews ·
$0.02
Posting Key.

When I joined in June, Steem 1010 advice was dispensed in the joing FAQ, which was adamant that using the "posting key" most of the time was imperative, and that if I used and compromised my master password, it would all be on my own head.

Since then, I have realized there are ways to get your account back even if you lose your master password (ie with help), but this should never be relied on.

Sorry your brother-in-law got burned like that. :(
πŸ‘  
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-12 23:51:42
active2018-09-12 23:51:42
last_payout2018-09-19 23:51:42
depth1
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.018 SBD
curator_payout_value0.002 SBD
author_rewards25
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation1,115,361,052,426
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "rodneysreviews" "re-meno-how-are-you-login-in-20180912t235135523z" 100 true
post_comment your-acct "re-rodneysreviews-re-meno-how-are-you-login-in-20180925t135722526z" "rodneysreviews" "re-meno-how-are-you-login-in-20180912t235135523z" "" "your reply.." "{}" true

View on official site
@dedicatedguy ·
$0.02
This is very serious, what devices and OS is he using?

Any idea how he got hacked besides using the master password?
πŸ‘  
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-13 04:15:03
active2018-09-13 14:33:03
last_payout2018-09-20 04:15:03
depth1
children1
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.016 SBD
curator_payout_value0.005 SBD
author_rewards21
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation41,374,735,617,682
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "dedicatedguy" "re-meno-how-are-you-login-in-20180913t041508482z" 100 true
post_comment your-acct "re-dedicatedguy-re-meno-how-are-you-login-in-20180925t135722527z" "dedicatedguy" "re-meno-how-are-you-login-in-20180913t041508482z" "" "your reply.." "{}" true

View on official site
@meno ·
no idea so far...
json_metadata{"tags":["steem"],"app":"steemit/0.1"}
created2018-09-13 14:33:03
active2018-09-13 14:33:03
last_payout2018-09-20 14:33:03
depth2
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes0
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars10,000
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation76,038,055,539,105
promoted0.000 SBD
body_length0
reblogged_by[]

vote your-acct "meno" "re-dedicatedguy-re-meno-how-are-you-login-in-20180913t143312683z" 100 true
post_comment your-acct "re-meno-re-dedicatedguy-re-meno-how-are-you-login-in-20180925t135722528z" "meno" "re-dedicatedguy-re-meno-how-are-you-login-in-20180913t143312683z" "" "your reply.." "{}" true

View on official site
@kantos ·
Es un excelente consejo amigo @meno Muchos usuarios no conocen ese dato y usan la contraseΓ±a de propietario para todo, quedando de este modo mas frΓ‘giles y sin seguridad si llegara a caer en manos equivocadas.<div class="text-right"> Again... <div class="phishy"> <i> THANK YOU! <br> </i> 

https://steemitimages.com/0x100/https://i.imgur.com/oIujWBY.png</div>
πŸ‘  
json_metadata{"tags":["steem"],"users":["meno"],"image":["https://steemitimages.com/0x100/https://i.imgur.com/oIujWBY.png"],"app":"steemit/0.1"}
created2018-09-13 05:17:57
active2018-09-13 05:17:57
last_payout2018-09-20 05:17:57
depth1
children0
net_rshares0
vote_rshares0
children_abs_rshares0
cashout_time1969-12-31 23:59:59
max_cashout_time1969-12-31 23:59:59
total_vote_weight0
reward_weight10,000
total_payout_value0.000 SBD
curator_payout_value0.000 SBD
author_rewards0
net_votes1
root_authormeno
root_permlinkhow-are-you-login-in
max_accepted_payout1,000,000.000 SBD
percent_steem_dollars0
allow_repliestrue
allow_votestrue
allow_curation_rewardstrue
beneficiaries[]
root_title"How are you login in?"
pending_payout_value0.000 SBD
total_pending_payout_value0.000 STEEM
author_reputation2,100,081,708,305
promoted0.000 SBD
body_length0
reblogged_by[]
author_curate_reward""
vote details (1)

vote your-acct "kantos" "re-meno-how-are-you-login-in-20180913t051750998z" 100 true
post_comment your-acct "re-kantos-re-meno-how-are-you-login-in-20180925t135722529z" "kantos" "re-meno-how-are-you-login-in-20180913t051750998z" "" "your reply.." "{}" true


created by @roadscape