Encrypting and Securely storing your Steem keys

in #steemit8 years ago (edited)

This will be the first of a set of security tutorials. It is aimed for beginners to be able to follow while still following some of the best practices.

Why should I care?

A lot of you are new to cryptocurrency. It's always important to make backups, but how do you do it securely? Well, some people use dropbox, email or other file sharing solutions to back up the keys. 

If you follow this even if you get hacked, the attacker has nothing. It's difficult to prevent access but it's not that hard to use cryptography to keep you safe. Would you leave your safe full of gold open, just because you locked your front door?

I'm going to share one of the safe and easy ways to protect your keys and have access.

Keepassx
keepassx is a free, open source and versatile wallet for your sensitive information. You can download it here: https://www.keepassx.org/downloads. I'll use the linux version to demonstrate a secure setup.

Steps:

1. If it opens with a pop-up requesting a new password click cancel

2. Now click file->new

3. You're going to want to enter a STRONG password, and I recommend generating a Key File. A Key File is a separate file you need to use to access your database. This allows you to put your database in one place say drop box or email, and the Key File in another so even if your database is stolen and password found they can not access it.

4. Now you have a strong password, a key file and a new database. Click entries->add new entry. You can find your keys here: https://steemit.com/@yourusername/permissions

5. Here's what a typical entry of mine might look like.

6. Remember to save ctrl+s or file->save. It's not good to leave this window open so after you are done close it.

7. Store your database in one location. Store your key file in a separate location, for instance a USB stick, a different account that is not tied to your file shared location. It's important to keep the two separate once you're done entering your important information. If you lose your key file there is no recovering your database.

Note: Remember if you update your database to back it up, however the key file will remain the same.

Best,
Creationlayer


Sort:  

If you want single sign-on to all your encrpyted passwords and steemit login, you can check out http://lastpass.com. They offer similar features to KeePass along with a browser extension that can automatically fill login fields and stores your encrypted password database on a server so it is securely accessible anywhere.

They offer multi-factor authentication methods: https://helpdesk.lastpass.com/multifactor-authentication-options/ While I think with multi-factor and lastpass it's a convenient and safe option for many sites you use, I prefer to use keepassx for storage of private keys.

Great post going to do this tomorrow.

be patient and make sure to do it right.