Security Update: Keys Changed!
Hi fellow Hiveians,
Today I wanted to share this important but STRESSFUL milestone for me LOL changing my keys!
Security Update: Keys Changed!
This has been something that I've been meaning to do for quite some time, since we flipped from the Steem chain over to this one back in 2020. It's been quite a ride since! I do know that when I was first starting out though, I did some foolish things with my account and password by entering it right in when I was logging in, instead of using my posting or active keys. I don't know, with the amount of data that transpires on the internet daily, if that is available somewhere but even if it is, now it won't make much of a difference for me!
One of the things that I found difficult was the challenge it took in order to find out how to perform the process. When one is looking for information on how to do this, naturally you search the chain to see what posts appear for the particular query you are interested in.
I will say that I am dismayed that it wasn't easier to find "changing keys" and have it be a relevant post! I feel bad that I didn't write the name of the person who helped steer me in the right direction down but it was someone that I have interacted with and that was good. They linked to another account that wrote a good tutorial but alas my browsing history clears on exit and I didn't drop a comment on the post like I should have thanking them. Mental note for next time I do something like this, thank the people that helped me out by reading their challenge! Lol
It's kind of fitting that this post is on the New Year I think! Let's start the year off fresh and on the right foot! I don't normally do New Years things but this is one that I can appreciate! I feel a lot better with the security of my account now that I have a much smaller amount of exposure with those keys and passwords over the internet. I might give them another change once I get some other things adjusted up, now that I'm familiar with how to perform the process. The familiarity was the trickiest part! Thankfully there are a number of services that we can use but for me, it was ol' faithful PeakD that pulled through with I think the best interface for doing that action.
With PeakD, you navigate to your wallet and then go to Account Actions on the right side there, and Keys & Permissions is the spot!
From there you want to go over to "Change Password" and it will bring you to the page that has lots of helpful information on it but if you're like me, you're sweating your ass off making sure you don't screw it all up hahaha.
Once I put in my Owner key, triple checked it was correct and re-read the post that I was using as a reference guide, I finally did it! Little did I know that there was an additional step. You are able to save the text file it generates and do other steps that you need to in order to secure it. I did all of this and went back once again over the steps lol I then took a deep breath and pulled the trigger! In a few milliseconds my account keys were changed! Damn that was stressful as SHIT!
Thankfully in following the tutorial and guide posts, I did perform the same steps with an alternate account of mine that I no longer use or care about so that helped. I was able to do it successfully on that account which then I used to replicate onto my main account soon after. If there is anything I can do to recommend to people, is that you do it in a test first! Make a brand new account if you have a little bit of time. Delegate some Resource Credits to it so that it has the power to perform these things and give it a try. I think that's so important with Crypto, is doing test transactions first before going ham and doing the big one! Many people are too used to having someone behind the scenes to help but alas, that's not always the case!
In the end, as stressful as it was, I knew that if somehow I did muck it up, I could recover my account as well which is good! I set my recovery account a long time ago which was a lot easier to do, so that step was done. Updating my keys was the latest improvement I've made to the security of my account and it felt great!
-CmplXty. Real human written content, never AI.
Do you want to get paid, in crypto, for searching the internet? Try using and signing up for Presearch to earn some great crypto! I've currently got 2,720 PRE tokens, with a market value of $380.27. It doesn't sound like a lot but when you search using sites like Google you get paid $0! Join Presearch to break Google's stranglehold on the internet searches. If you'd like to sign up, use my referral link below and spread the word!
https://www.presearch.org/signup?rid=513043
Posted Using LeoFinance Beta
Congratulations @cmplxty! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)
Your next target is to reach 97000 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOP
To support your work, I also upvoted your post!
Check out our last posts:
I have not set my recovery account yet. I thought about doing it and created an account for my wife for that in 2020. May be this is the first thing I do this year :)
Setting a recovery account is super easy dude, you should do it! I think I did it on hivetasks but I think more front ends have added it like Ecency and PeakD. It's so simple and takes 5 seconds! Lol
After that, maybe you should give your keys a change too! I know I was a little willy-nilly in the beginning with my keys, so it only helps that now the only thing that's been out there is my posting key, not even my active which was what I was most nervous of.
I did not know that I can get by not using active keys. My active keys are everywhere. Do I need to change those?
I don't think it would hurt to generate new keys. Do you access Hive/Leo via mobile or your laptop?
I would recommend using Hive Keychain on both and I know Leo on my phone doesn't work with the Keychain app for whatever reason, so I do use Hive Signer for that one. With using Hive Keychain, not copy/pasting the password into the window asking for active authority, which I was doing a fair bit over the years lol, that only means that your posting key gets entered into those websites like PeakD, when you authenticate, or Hive Signer to pre-load the authentication necessary.
If you're asking about powering up and stuff using Keychain, that's the public Active key and that's fine because Keychain processes the Active transaction locally so it takes the draft transaction, inserts the private Active key, then broadcasts out to the internet instead of broadcasting the Active key like entering it into a website like Splinterlands to buy or sell something. I was doing the latter more than I should have lol my ISP or phone company knows my Active key.
I feel this, changing my keys felt stressful as well when I did it!
Did you change your recovery account too? On the Steem chain they were automatically set to Steem!
!BEER
Maybe it was your post that I read lol I can't remember who I read that did it but they inspired me to figure it out!
I changed my recovery account back when we swapped over to Hive thankfully, so that's been fixed for a while!
View or trade
BEER
.Hey @cmplxty, here is a little bit of
BEER
from @phoenixwren for you. Enjoy it!Learn how to earn FREE BEER each day by staking your
BEER
.I have been wanting to do the same and actually have done it once on the older chain, but then I didn't have the amount of stake I have now, so I am scared to fiddle with changing keys now.
Seeing your post about it puts me at ease, we need to have more posts like this am sure it will be useful to most.
Posted Using LeoFinance Beta
Yeah man that’s good! I know as the stake grows, you feel more of a need to do these things which is important in the long run. I think I’ll be changing them once more in a few weeks but not sure yet. I had to give hive.vote my active key which I think is ridiculous when it’s all on the posting key. I don’t remember giving it the active key before.
It is scary but one thing is to create the alternate account and mess around with it on there. Delegate it some resource credits and then go to town on generating them and making sure it’s done right. That was a big help for me!
Thanks for reminding me on those things...got sth to do when it comes to this.
You’re welcome! I know that it’s stressful and not something we would like to think about and do but between when we start out and when we get a lot more familiar and confident in our chain knowledge, I’m sure there was some Willy-nilly use of our passwords around websites lol I know it was for sure on my part that way. Felt good to clean up that security hole!
It is stressful. Good call getting a feel for it with an alt account first, I like that. I've had the following article by roleerob bookmarked for awhile that's nicely explained in case someone tuned in is interested.
https://ecency.com/hive-163399/@roleerob/peakd-review-changing-our-all-important-keys-to-the-hive-blockchain
Thanks for the link, I think @joetunex would find that one helpful!
Get things in place for you to do it as well man, recovery account and new dummy account and git r done!
Am surely going to find it useful and have it bookmarked as well, this is a very serious topic 😀 the more explanations about it the better.
Posted Using LeoFinance Beta
Yeah for sure! And it helps to give it a try on an account you don’t care if it gets screwed up lol then you could also go through the recovery process too and experience that. I might do it myself!
I did that once, changed all my keys; and yes, it was stressful as F... . Once it's all set up it works great, at least! Good on ya for doing that.
I like hte idea of creating a dummy account with which to test things. Good idea. I also like to keep my keys in an encrypted text file in an encrypted folder, or use Last Pass, depending on the use case.
Ya having the alt account to give this a dry run was a huge plus lol. Since we switched over to hive here you should give yourself a security update and change the keys man! Just make sure to create two dummy accounts, one to set it as your recovery account if you haven’t got one already, and one to give this a whirl on.