RE: PSA: Really good phishing attempts ongoing, be extra careful where you enter your keys!

It is very easy to avoid such issues by incorporating a Two Factor Authentication for signing in. Everyone has a phone these days, and one form of identification could be to authenticate by way of a code sent to the phone. So it is not too inconvenient for users, and in fact people will appreciate the additional security - just as all of us appreciate the extra security at airports even though it adds to the waiting time.

I did read an earlier post about why n-factor identification would be an overkill for a social media site. Every established website has this, at least as an optional feature, so there is no reason why Steemit shouldn't have it too. All the more reason since there are financial transactions occurring on Steemit, and most active users also have money stored in their wallets.

Please let me know if you think that it is not a good suggestion at all.

Sort:

Trending

[-]

reggaemuffin (66) 7 years ago

That is sadly not possible, to cite my other comment:

2fa won't work in a decentralized environment. To enable that means steemit(the company) would have to be able to block any transaction on the network from happening.

steem has the owner key/master password that is exactly for that purpose. To keep offline in case of crisis.

And it has a recovery process if your owner key got compromised, where your last owner key and your recovery account (most likely steem) together change your owner key to a new one, recovering your account.

$0.05

1 vote