I had a break in writing technical articles, because I need some time to organize two Steem Meetups (in Wrocław and in Warsaw), and to give a talk about Steem in Łódź.
But finally I am back on track regarding my Steem Security series, so today I am able to publish 3rd articles from this series. If you didn't read my earlier articles about different aspects of security of your steem account, you can find list of those articles on the bottom of this article.
Real password and keys: demo
So, last time we learnt about why private keys are needed. This time we will learn how they are generated.
You already have seen in my 1st post in a series a demo gif/video, where I showed how to login to an account with a private key instead of a password. During this demo I also showed, that at the time of recording I used password P5KB2ir4BaDTeeBe5SUW16F6NYGeYSVaUBn261kDPLGGCSiNahtm to log in on my noisy3demo account.
Now I want to show you, that you actually don't have to type your master password on Steemit website, to generate all your keys. You can generate them being totally offline!
How to locally generate all Steem users keys from master password
With some help of python code and steem library, we can write something like this:
from steembase.account import PasswordKey
account = 'noisy3'
password = 'P5KB2ir4BaDTeeBe5SUW16F6NYGeYSVaUBn261kDPLGGCSiNahtm'
key_types = [
'posting',
'active',
'owner',
'memo',
'foo_bar'
]
for key_type in key_types:
private_key = PasswordKey(account, password, key_type).get_private_key()
public_key = private_key.pubkey
print('Private ' + key_type + ' key: ' + str(private_key))
print('Public ' + key_type + ' key: ' + str(public_key) + '\n')
This gives us:
Private posting key: 5JLMze1sUVPhUBwTVjZyQhFMGfbN5KB7nqHfKjXuN5GUTYTbYFy
Public posting key: STM6GkXgEKTYc7gNv1GWJ5ZseyESHQnN7nr3rxdo5sBjzWQcdMyKy
Private active key: 5JFfMWjWMjnhu6vJKB2uUwUaLCws9JotHzLB8wkVEZjsZnSzDTv
Public active key: STM5uLTFYpPK4XVLMe16uuQFdW1Vo2MzN9UPqHQKjePwB76NnS9qk
Private owner key: 5JKjBjfRVZaf8H5w8XgiB6HfEH2SFJXUJL3QA6mteg5uQ3qRW9M
Public owner key: STM7iZnny8bvNRd6v6nx25XG6ijAKZs1ANvtuqTN2gjSYWXHC8Jgy
Private memo key: 5JvpThC3DwjHkupj6jnT5pnFW21Bsj3g4GhxhLLtM2WNsV2ynPw
Public memo key: STM5uEy2yYnoqVY9ksfkMbbY3UH4qFygARn2SW7PFJ4cRErHbH7Vh
Private foo_bar key: 5KJQP53B4MPHCWBQ8Xm9ydhKmjqrouRuf8UWWEZjHtkgmrtNCc5
Public foo_bar key: STM7hNqe6DJmXsqaDG8poaDVAvQx59EgWWQUbVLRUfi2Ab7mCvsnJ
So as you can see, private posting key is exactly the same like in my demo gif/video above:
.png)
From technical point of view, from your password can be generated even new type of keys, like Private foo_bar key and Public foo_bar key :)
This article belongs to series of articles which describes security on Steemit:
- What is the difference between a password and a private key(s) on Steemit? How to make your account more secure, by using them correctly.
- Public and Private Keys - how they are used by Steem, making all of these possible?
- How to generate all Steem user's keys from master password, without a Steemit website, being OFFLINE (this article)
- How to set own password, which is not generated by Steemit
- How passwords are stored by Steemit in your browser, and why it is secure.
- How to setup multisig/multiple authorities for your account
- ...
Make sure to follow my account, if you don't want to miss any of these :)
This is great - resteeming cause many keep asking about it!
Like I tell most users, keep your private key offline and stored safely, you'll only need your posting and active key when using Steemit generally.
Thank you for reSteeming @acidyo.....otherwise it would have been missed. Cheers.
next article will be probably about: how to set own password (any length), without a Steemit website :)
Nice! Now I can finally change my password to hunter2 !
Reference
I am changing all my passwords to "incorrect", guess why
LOL that's too funny!
So the error message reminds you what it is :p
We have a winner! You just won 0.00000000001 SBD!!!
Niiice! You sent me 9x more SBD than I actually won, lol! I'm gonna buy an island now
that would be so great
Thanks for resteeming this! I otherwise would not have seen this useful post!!
You're right about keeping the private key offline and stored safely!
@acidyo
tip! link
Hi @acidyo! You have just received a 0.1 SBD tip from @sneakgeekz!
@tipU - send tips by writing tip! in the comment and get share in service profit :)
By upvoting this comment you support the service - thanks!
Two months ago I scoured steemit for an answer to this exact question and it did not exist. Thank you for you for this. It is currently the first and only post I have bookmarked :)
It EXISTED. its just that Steem has terrible search engine. Steemwiki has all the answers now.
Thank you for posting @noisy.
This is the kind of information Steemians can use. Cheers.
@noisy you deserve a tip! 0.3 link
Hi @noisy! You have just received a 0.3 SBD tip from @imperfect-one!
@tipU - send tips by writing tip! in the comment and get share in service profit :)
By upvoting this comment you support the service - thanks!
This is very helpful, thanks. I just started experimenting with the python Steem library for some ideas of my own.
This comment has received a 6.45 % upvote from @buildawhale thanks to: @buildawhale.
This is some interesting stuff you show us in this post thank you. Good to know that I don't need my master password but only the active and posting key.
I see Ubuntu <3
This great news. That means in case the steemit website suffers a ddos which is isn't very likely, you still get access to the blockhain with your private keys. Thanks for sharing this great information. We need this type of education for the community.
@tipU - send tips by writing tip! in the comment and get share in service profit :)
By upvoting this comment you support the service - thanks!
Good news and interesting thank you
no way
it.s amazing
Interested
A very important information for all the steemians, especially for those who just joined.
very interesting
Thanks for taking the time to write this article with some useful informations about how to generate generate all Steem user's keys from master password, without a Steemit website, being OFFLINE. All the steps are clearly shown in the gift you made which is very easy to understand and follow.
That seems handy -- but also scary. Does it not mean that some other person can generate my password also?
Forgive me if it's a foolish question; I am a good computer user but the nitty-gritty complexities like this are far above my level and outside my field.
Don't worry. It is always better to ask, if you do not know something ;)
Nope. Your password and your account are safe as long as you keep them private. But if you will publish your password anywhere, then someone else (even being offline) will be able to generate from that password all type of keys to your account.
Until quantum computers start brute forcing our passwords. :(
then every ciphered connection and every cryptocurrency will be in danger, but... only to a moment when it will be upgraded. Cryptography is fairly new science, there are plenty new solutions to discover.
Hehe yeah. There is also this:
https://coinmarketcap.com/assets/quantum-resistant-ledger/ :D
Thanks for sharing @noisy . I Will read it first.
@noisy, thank you very much for this info!!
I really appreciate this post @noisy. I'm pretty new here and was having a bit of trouble understanding the differences between all the passwords. Thanks
that, you do not need to use Steemit, to manage your private keys ;)
Very useful to know,thanks for sharing.
Thanks...
Wow this is so much interesting. It's been a long time now i've been trying to do most of all this cause am actually a new steemian. But today you've tought me some parts of this. Thank you for sharing👍
Great
You were in Wroclaw, I love this city. been there several times for work. Did you like it?
I study at Wrocław University of Science and Technology, so I know the city very well. Even after my studies, when I moved to city located next to Wrocław (Oława), so visited Wrocław every day for next 4 years due my job.
In other words, of course I love WrocLove ;)
BTW, if you are sometimes in Poland, consider joining our meetup group. We already organized two meetups in Wrocław and Warsaw, and for sure there will be more in the future :) People in meetup group are notified about upcoming events :)
Upvoted done :)
Wonderful post.. Keep on the good job.
I now follow you.
Please, have a look into my blog may you like any of my posts :)
https://steemit.com/home/@asmaasema/5upb6x-preventing-birth-defects-steps-to-take-before-and-during-pregnancy
Love this for security purposes!
Thank you for this valuable post and series. I will be resteeming, upvoting and tipping.
tip! post
meep
Check out the newest post from @sneakgeekz: Singapore July 2017 Blockchain 2.0 Master Class and follow if you like the content :)
@tipU - send tips by writing tip! in the comment and get share in service profit :)
By upvoting this comment you support the service - thanks!
Wow, I'm glad one of the people I follow re-steemed this post. Now I know to follow you too.
Thanks for the amazing information. I'm looking forward to reading more in your series! .. and whatever other cool stuff you decide to post :)
I learn New things everyday on Steemit
Follow back bro
Pozdrowienia z wypoka! tip! 0.3
Always use the command line if you can. But one alternative is @xeroc's paper wallet:
https://github.com/xeroc/steem-paperwallet/releases/
Great tech hack! - now everyone is deleting their private keys offline --lol
This nice post
@noisy, I got
BTSprefixes in the output of the python script. I guess I have an old library or something.Private posting key: 5JLMze1sUVPhUBwTVjZyQhFMGfbN5KB7nqHfKjXuN5GUTYTbYFy Public posting key: BTS6GkXgEKTYc7gNv1GWJ5ZseyESHQnN7nr3rxdo5sBjzWQcdMyKy Private active key: 5JFfMWjWMjnhu6vJKB2uUwUaLCws9JotHzLB8wkVEZjsZnSzDTv Public active key: BTS5uLTFYpPK4XVLMe16uuQFdW1Vo2MzN9UPqHQKjePwB76NnS9qk Private owner key: 5JKjBjfRVZaf8H5w8XgiB6HfEH2SFJXUJL3QA6mteg5uQ3qRW9M Public owner key: BTS7iZnny8bvNRd6v6nx25XG6ijAKZs1ANvtuqTN2gjSYWXHC8Jgy Private memo key: 5JvpThC3DwjHkupj6jnT5pnFW21Bsj3g4GhxhLLtM2WNsV2ynPw Public memo key: BTS5uEy2yYnoqVY9ksfkMbbY3UH4qFygARn2SW7PFJ4cRErHbH7Vh Private foo_bar key: 5KJQP53B4MPHCWBQ8Xm9ydhKmjqrouRuf8UWWEZjHtkgmrtNCc5 Public foo_bar key: BTS7hNqe6DJmXsqaDG8poaDVAvQx59EgWWQUbVLRUfi2Ab7mCvsnJalways use virtualenv, and always freeze your dependencies ;)
@noisy thanks bro junst now i saved all of my keys offline after knowing that one of our community member @fredrikaa got his account stollen
tip!
Beep beep. Hi @satfit!
You have used tip! in your comment - that`s my magic word for sending tips ;)
Click here if you wish to learn more!
Yes, great postings, posts like this have been my long time, now i feel safer ... thank you very much @noisy
This is very useful thank you:)
This is great....
Thanks you!
Yah @acidyo is right ....This is great - resteeming cause many keep asking about it!
Like I tell most users, keep your private key offline and stored safely, you'll only need your posting and active key when using Steemit generally.
Is a good practice
Great info, thanks for sharing! I'm now following.
Very nice ! Reesteeming it because its a good tutorial !
This post has received a 6.06 % upvote from @buildawhale thanks to: @buildawhale.