I have been researching steem account creation using 3rd party tools such as @AnonSteem or @SteemConnect. These sites provide an easy way for users to create new accounts. This means that both @AnonSteem and @SteemConnect get access to the newly created private keys which they then expose to the users to save. Then users are directed to change their account password via steemit.com which generates new private keys. This may lead users to believe that their new accounts are safe.
But what would happen if the sites above do not actually delete the initial keys? Could the owners of those sites potentially take over newly created accounts? From what I have read during the first 30 days, they could potentially request an account recovery to the newly account using the original/old keys. This of course assumes that they do have the original/old keys. Those sites state that they delete the original/old keys, but there is not way to know for sure other than the developers of those sites.
So I have a couple of questions:
Is it possible for the above sites to take over accounts from new users within the first 30 days of the account creation using the original/old keys?
Are the accounts safe after the 30 day period assuming that the new account changed the original account password and generated new private keys, or is it possible to somehow be able to access the new account in some shape or form with the old keys?
Do you have discord account ? I need to talk with you about some issue
Congratulations @jvelazqu22! You received a personal award!
Happy Birthday! - You are on the Steem blockchain for 1 year!
Click here to view your Board
Your level lowered and you are now a Red Fish!
Congratulations @jvelazqu22! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!