STEEMIT Two Factor Authentication, Where is It?
Image credit and story idea credit:
http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now
I photo cropped and edited this image to suit my STEEMIT SECURITY STORY!
Where is The 2FA?
It has almost been a month since the Steemit Hack and I still do not see any option to add 2FA to my account. I was sure I read the message correctly from the security team when it said they would be adding 2FA to the site, but I have still not seen anything yet. Enabling 2FA is a basic necessary first step towards increased security.
What is 2FA?
Two Factor Authentication is when a separate device (i.e. Google Authenticator or Authy app on your iPhone or Android device) generates random passwords in a regular time interval for you to use when logging in. So if someone hacks your social network password they would also need to get your 2FA password too which is usually over the scope of the hack.
Long Passwords Just Don't Cut It Anymore!
We have already seen regular passwords breached here at STEEMIT last month. Hackers these days are more sophisticated and determined to hack as much as they can as fast as they can. For example look at what just happened at Bitfinex, a hacker drew down 60 million in funds in the blink of an eye, and with so much of peoples hard earned STEEM, users deserve the option to POWER UP our security.
STEEMIT Needs to get Funds in Cold Storage If they are not already!
What we have learned from the Bitfinex Hack is that in order to protect the funds they must be in cold storage, offline, not connected to the internet. Especially since our funds are locked up for 2 years while POWERED UP at STEEMIT, this should be a given.
STEEMIT Needs to Shift some of the Crazy Money to Security NOW!
This whole thing is beginning to remind me of the DAO. We have this great thing, all this money sloshing around, however we don't have a very good security plan in effect yet! We all see it every day, people with loads of steem bringing in even more every day! Some bloggers are making 25 Grand on beauty blogs, when that 25 Grand should be going to a security developer on the DL so they can keep this ship afloat! The last thing we need here is a round of socialized losses! Steemit also needs to get Insurance on their funds to protect from unforeseeable events and this will cost steem! Some of these security costs may take some of the gusto out of the short term rewards, but I think it will be well worth it in the long run.
I would feel safer with two factor auth, because I do want to hold some SBD to get that 10% interest.
This is not entirely true, steemit not holding your STEEM/SBD, it's just a front end for your wallet. as long as you have control of your owners private keys your money is safe. But I 100% agree with you, we need 2FA on steemit.
Well how did all those steemers get hacked last month? How did they loose control of their keys?
because they type their owner key as password, the hacker using xss to steal that key :)
Thanks you guys cleared that up for me, I guess we still need 2FA for SBD though. POWERED UP IS very SAFE, but SBD Insurance should be sufficient!
I'm all about insurance.
Yep, 2FA should be provided by any service that can operate with user's funds.
Hi! This post has a Flesch-Kincaid grade level of 7.3 and reading ease of 78%. This puts the writing level on par with Tom Clancy and F. Scott Fitzgerald.
Well.. It's a good way for them to encourage you to convert your SD and steem to steem power. That way no one can steal your money and in the same time steem is less volatile which means it has more value.
It's a good strategy.
I don't think the threat of loosing funds could ever be a good way to incentives anything!
You are right! but this is my only explanation why we don't have this basic feature yet.
I am sure that people are choosing to power up because of this. Am I wrong?