Paper gifts and making 7500 HIVE in an hour for FREE

At least one Hive user got very lucky last night.
Actually, he got lucky twice.

Better than getting laid.
(Probably)

A long time ago, he lost his keys for Hive in a computer, only having his posting available and unfortunately, he hadn't done any of the security things - like backing them up offline and physically or, resetting his recovery account away from Steem. As a reminder THIS IS HIVE, if your recovery account is set to STEEM and you lose your keys, you are in for a real bad time.

But, after a little renewed vigor, he put out a post last night offering a 1000 dollar reward for anyone who could help him recover his account. Now, I haven't spoken with him for a very long time, but thought I would leave a message, some advice and offering some help.

A little desperate perhaps and willing to take a chance, he ended up sending me a picture of his Master Key that doesn't work, to see if I can do anything with it.

A word of warning:
DO NOT GIVE YOUR KEYS TO ANYONE!!!

Except me - because you can trust me.

That was a test.

NOT EVEN ME!!!

(However, I know Yahia back from early-2018 and he chose to take the risk)

So, after getting what looked like chicken scratchings and hieroglyphics mixed into a nonsensical story on a scrap of paper - at 3 in the morning, I set to work.

IMG_20200813_225117 (2).jpg

People don't take the "save your keys" advice seriously and trust that they won't need to ever use their master, until they do. Please, PLEASE - take it seriously! If you are going to write them down freehand, make sure that your writing is impeccable and very, very clear, as one little error out of those 52 characters and you might lose what you have worked for. In this case, it was around 7500 HIVE with a street value of about 5700 dollars US.

That is a lot to lose in my opinion and it is because of this that they were willing to offer a 1000 dollar reward - which I declined in my first message at the very start, just for those who believe I only do stuff for the dosh.

So, taking the scrap of paper (and assuming it was the right key for the account), I first had to work out what password it is. It was a Master Password, as it had 52 characters and started with P, which I think is the same for all of them (unsure). Then in notepad, I wrote down what I thought was written and tried to login, with no luck.

There were literally markings and cross-outs of several characters and it was unclear if some were upper or lowercase where for example, U and u looked the same. This meant systematically going through and trying single changes and then combinations of changes of characters, then trying each at the login page, in order to see if I was able to get access.

I think it took me about an hour before eventually, one gained access and I was able to login. I used the master to check the posting key and then used it just to double-check and leave a message as proof:

image.png

Now, Yahia had to blind trust that I wasn't going to commandeer his account if I gained access - but a repeated word of warning, while I have no need to do such things - DO NOT TRUST PEOPLE.

Once I was sure that I had control of his account - I changed all of his keys. So - the account is mine!

Muhahahhahha..hah...ha

Ahem.

This can be done in either:

@YOURNAME/password
or
@yourname/permissions

But be careful and make sure you read well and be ready to save the keys safely once you get the new ones.

KEEP YOUR KEYS SAFE!

Yahia now has his keys and control of his account, all is well.

Recovery Account Caveats

But, more warnings. You can change your recovery account easily too and what this means is you can have a backup to fall on in order to recover a lost account. On Peakd, this is done through the permissions pane also. But even if you lose access to your account, YOU STILL NEED your master password. Recovery is for stolen accounts, not lost keys. KEEP YOUR MASTER KEY SAFE!

So, how'd he get lucky twice?
Well, he actually got lucky at least five times.
Which is the luck of an eighteen year old.

  1. I saw the post in my feed and commented.
  2. He found the scrap of paper.
  3. I was able to recover the account and save 7500 HIVE.
  4. I declined the 1000 dollars and the 500 dollars offered
  5. I didn't steal his account with 7500 HIVE in it.

So, for an hour of my dicking about with the password, Yahia now has his account and the HIVE to play with (he is transferring to his other account) and not only that, he didn't have to pay for the service. Sometimes, luck does fall our way and we get a break that can make our lives easier and a little better.

Last night, I got lucky and was able to help someone out and feel like I made the world a little better for one individual. For me, this is important.

Your keys, your account.
Your account, your keys.

Take security seriously please - it is your responsibility.

Taraz
[ Gen1: Hive ]

H2
H3
H4
3 columns
2 columns
1 column
138 Comments