|
1 | 1 | --- |
2 | | -title: Keys variations |
| 2 | +title: Account security and keys |
3 | 3 | --- |
4 | 4 |
|
5 | 5 | ### Why are there different keys? |
6 | 6 |
|
7 | 7 | There are different keys with the appropriate permissions for what you are doing. |
8 | 8 |
|
9 | | -Posting keys - this key should be used for social networking actions, like posting, commenting and voting. This key has a limited set of permissions and it is not able to be used for monetary actions. So you can't lose money if someone else gets access to this key. |
| 9 | +- **Posting key** - The posting key allows accounts to post, comment, edit, vote, reblog, and follow or mute other accounts. Most users should be logging into Hive every day with the posting key. You are more likely to have your password or key compromised the more you use it so a limited posting key exists to restrict the damage that a compromised account key would cause. |
10 | 10 |
|
11 | | -Active key - this key has additional permissions for more sensitive monetary-related actions, like transferring and exchanging tokens. When performing a wallet related action, you may be prompted to authenticate with your Active key. You should only enter your Active Key into apps which you trust because anyone with access to this key can take your tokens. Do yourself a favor and store this key safely to avoid losing tokens in the future. |
| 11 | +- **Active key** - The active key is meant for more sensitive tasks such as transferring funds, power up/down transactions, converting Hive Dollars, voting for witnesses, updating profile details and avatar, and placing a market order. |
12 | 12 |
|
13 | | -Owner key - is the most powerful key because it can change any key of an account, including the owner key. Ideally it is meant to be stored offline, and only used to recover a compromised account. |
| 13 | +- **Owner key** - The owner key is only meant for use when necessary. It is the most powerful key because it can change any key of an account, including the owner key. Ideally it is meant to be stored offline, and only used to recover a compromised account. |
| 14 | + |
| 15 | +- **Memo key** - Currently the memo key is not used. |
| 16 | + |
| 17 | +### What's password or master password? |
| 18 | + |
| 19 | +The master password is used to derive all keys for your account, including the owner key. If someone has access to your master password, they can steal your account and all of the tokens in it. |
| 20 | +The password has to be long and random for maximum account security that's why Ecency signup generates them randomly and does not store it. After signup, it is recommended you change your password and backup safely. |
| 21 | +Again, save your master password and keep it safe! If logging in with your private posting key, make sure you don't overwrite or misplace your original master password. |
| 22 | + |
| 23 | +### What do I do if I lost my password/keys? |
| 24 | + |
| 25 | +There is no way to recover your account if you lose your password or owner key! Because your account has real value, it is very important that you save your master password somewhere safe where you will not lose it. |
| 26 | + |
| 27 | +It is strongly recommended that you store an offline copy of your password somewhere safe in case of a hard drive failure or other calamity. Consider digital offline storage, such as an external disk or flash drive, as well as printed paper. Use a safe deposit box for best redundancy. |
| 28 | + |
| 29 | +### How account recovery works? |
| 30 | + |
| 31 | +Account recovery only works if your password/keys have been changed within last 30 days and you still have access to your old password/keys. |
| 32 | +Entire process relies on recovery agent's availability and your swift action within 30 days. |
0 commit comments