Yeah, on SteemIt, your master password is a private key. Your "master" private key can generate new keys for memo/active/posting/owner.
When you see your keys displayed, if they begin with "STM" they are the public keys. If the key begins with "5K" then it is the private key. You can generate new private keys from the "master" key. However, the "master" key begins with "P5K" in my case.
You can never generate the private key from the public key. That is why you should be using your public key (preferably the "posting" key) to be logging in. When you need to make a transfer, you should use likely use your active key.
I am going to keep thinking of ways to allow a user to have some type of backup. It will come with the disclaimer that it might add an avenue of attack for a persistent hacker, but if the 2FA implementation is done right, it would be like using any other 2FA to verify login (just that it would only be used for regaining access to your "master" private key .. we only need the "master" because that can be used to create completely new keys for everything else)
STEEM as a technology can be very advanced. It does get a little confusing with the use of 4 keys. Especially since one is called a "password". (they are all passwords)
Yeah, on SteemIt, your master password is a private key. Your "master" private key can generate new keys for memo/active/posting/owner.
When you see your keys displayed, if they begin with "STM" they are the public keys. If the key begins with "5K" then it is the private key. You can generate new private keys from the "master" key. However, the "master" key begins with "P5K" in my case.
You can never generate the private key from the public key. That is why you should be using your public key (preferably the "posting" key) to be logging in. When you need to make a transfer, you should use likely use your active key.
I am going to keep thinking of ways to allow a user to have some type of backup. It will come with the disclaimer that it might add an avenue of attack for a persistent hacker, but if the 2FA implementation is done right, it would be like using any other 2FA to verify login (just that it would only be used for regaining access to your "master" private key .. we only need the "master" because that can be used to create completely new keys for everything else)
STEEM as a technology can be very advanced. It does get a little confusing with the use of 4 keys. Especially since one is called a "password". (they are all passwords)