You are viewing a single comment's thread from:
RE: SteemLogin - a new and easy way to sign in to Steem!
Anything storing your chain passwords is a potential risk of losing everything. If you're going to trust someone to store your data it should be yourself or your browser.
There are two trusted methods right now, steem keychain handshake.
The other method is to compare your private key to public key and on confirmation create a session, then store the posting key in the browser encrypted.
I am not a fan of storing your keys with third parties (even if the data is encrypted). However the risk is minimal since the only key that is stored is the posting key. So no risk of financial loss is at stake. Even if the security layer is compromised you can always change your password and that would be the end of the issue.
Overall it looks like an acceptable solution for normies without puting the wallet at risk or the need to download any additional software.
The posting key can do a lot of damage. Following, upvoting, overwriting all your posts and comments, and resteeming which can't be undone.
Someone can turn your page to garbage with just your posting key. They have the ability to destroy what you have worked hard to build up even if they only get your posting key.
My upvote was $100 once upon a time.
I sure don't want someone steal my posting key if we even get to that price.
People are jumping on every new thing like Drugwars or steem bet and many others.
They can type anything and then you can get a lot of downvotes and in a few hours your reputation could go for a toss
Lol, like steem reputation means anything.
Sure it does:
Steemit reputation, not actual reputation.
It's tempo-spatial dependent. In an echo chamber, it means everything.
In the real world, probably nothing.
Hm, we could make an experiment and try to sell our reputable accounts via ebay - and find out :D
Exactly... with someone's posting key ... one could post something controvertial or absurd.
No key should be entered anywhere.
Why cant steem issue temporary login keys to the user for 3rd party apps that expire after a brief period maybe via sms on request, rather than user giving their steem keys to 3rd party.
Cost: Maybe, someone, sometimes, somewhere posts something after hacking for no good reason
Benefit: it's waaaay more convenient and could attract more people
If Benefit >> Cost, we do it
Electricity can kill us, cars as well