You are viewing a single comment's thread from:

RE: Steem Basics: Understanding Private Keys

in #steem6 years ago

So, I should avoid logging on a Steem app I don't trust, even using my posting key?

I notice that when I login Dtube or Steem Monsters, I'm inside their domain, so I'm actually sending my password to their web server.

Some Steem App then can verify my password on blockchain, and save it? And use it on other Steem Apps? Or be hacked and have my password stolen and used?

Sorry, if my password is sent directly to a Steem App's web server and it's the one validating it on Steem blockchain, I don't feel secure about it. Shouldn't it be using some kind of token or single sign on? In example, many sites allow us to use a standard SSO to log on them, but in this case they redirect us to a SSO authoritative's website (Google in example) and it's in that one we login, then we're redirected back to original site who just recognize the authentication without ever seeing our password.

6 years ago in #steem by
100%
    -100%

      Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

      • Disagreement on rewards
      • Fraud or plagiarism
      • Hate speech or trolling
      • Miscategorized content or spam

      Submit
      0.00 BPC
        1 vote
        Reply 1
        Sort:  
      • Trending
        • [-]
         6 years ago 

        Yes, or you could use Steem Connect.

        100%
          -100%

            Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

            • Disagreement on rewards
            • Fraud or plagiarism
            • Hate speech or trolling
            • Miscategorized content or spam

            Submit
            0.00 BPC
              Reply