Add additional layers of security to your Hive account

Intro

We all make countless transactions on the Hive blockchain. Whether we blog, comment, curate, or share, we transact on the Hive blockchain. While all of these transactions are seamlessly done on the Hive blockchain thanks to third-party dApps like KeyChain and HiveSigner, it may be a good idea to start securing your account. Since there is monetary value tied to your username, it may become an incentive for bad actors to target you. In this blog post, I will be sharing multiple ways to increase your security on the Hive blockchain.









Why should I secure my account?

Since the Hive blockchain does not rely on "simple" e-mail recovery, it can become quite a hassle to recover your account. Rest assured, if you've set up a recovery account to recover your account, you should be good (if you're here from HF23, you might want to make sure that your recovery account is not set to Steemit). As I mentioned in the intro, your account has real monetary value, which is most probably the sole reason why you want to treat your Hive account just like your bank account.

Besides monetary value, a Hive account can grow emotional value as well. I'm proud to call myself a Hivean for 4 years already. While the reputation system might be a bit crooked, I finally reached 70+ reputation, and oh boy, it took quite a while to get there.




The basics of permissions on a Hive account

Every Hive account has a variety of private keys. All these keys have different values, and these keys allow you to make different transactions on the Hive blockchain. It is important to know the difference and whether you should or shouldn't give dApps access to some of these private keys.






© 2022 | @rubencress

Your keys are the most important part of your account on the Hive blockchain. Your account is a unique identifier that allows you to gain access to all available dApps, now and in the future. This means that your Hive account has immediate access to everything that is built or is going to be built on the Hive blockchain. Therefore, it is important to keep your keys safe and store them anywhere but your computer.




Each key has different permissions, which allow you to perform very specific actions on the Hive blockchain. While all keys are important to keep private, two keys can cost you your stake if you lose them or grant someone else access to them (the owner key and the active key).


Owner - with this key, you grant access to all other keys, and the ability to change your account settings (including your keys).
Active - with this key, you grant access to the market, move funds, cast your witness vote, transfer tokens, and change your keys.
Posting - with this key, you grant access to post, comment, vote, follow, and similar actions.
Memo - with this key, you grant access to view encrypted messages.



Your posting key is the key that dApps request most often. It allows you to transact on the blockchain without the ability to perform more sensitive activities.
*** Note: be cautious when giving access to your active-key, unless you know what you are doing. ***




Hive KeyChain / HiveSigner

It is important to know that all dApps that transact on the Hive blockchain may use your keys directly, or through trusted parties like HiveSigner and Hive KeyChain in order to function (seamlessly). Both can hold and store your private keys securely. Even though we have to keep in mind that the security of using these key applications is never guaranteed, it may currently be the most secure solution to keep your wallet safe while transacting on the blockchain.







How to revoke access?

While it is important to give the right permissions to dApps, it is just as important to revoke access to dApps you no longer use. If you use the PeakD interface, it has a revoke system implemented. It is easy to revoke access to dApps you no longer use.

Peakd: https://peakd.com/@YOUR_USERNAME/permissions

Copy and paste the link, and make sure you replace YOUR_USERNAME with your own. Go to the second tab, "Authorities"; there you will see the various applications that have permission to use your keys.

Note: in the above screenshot it says that all apps only use my "posting" key, but this isn't always the case. If you're semi-paranoid, you might want to revoke access before going to bed, and re-authorize the apps when you wake up.
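The same check can be scripted against the raw account record instead of the PeakD tab. The following is an added example, not part of the original post: it assumes the account object shape returned by a Hive API node's `condenser_api.get_accounts` call (`owner`, `active` and `posting` authorities with `account_auths`, plus `recovery_account`), treats `steem` as the Steemit-era recovery account, and runs on a constructed sample record with made-up account names.

```python
import json

# Constructed sample shaped like one account object from
# condenser_api.get_accounts; account names and keys are made up.
SAMPLE_ACCOUNT = json.loads("""
{
  "name": "alice-example",
  "recovery_account": "steem",
  "owner":   {"weight_threshold": 1, "account_auths": [],
              "key_auths": [["STM_OWNER_PUBKEY_PLACEHOLDER", 1]]},
  "active":  {"weight_threshold": 1, "account_auths": [["some-dapp", 1]],
              "key_auths": [["STM_ACTIVE_PUBKEY_PLACEHOLDER", 1]]},
  "posting": {"weight_threshold": 1,
              "account_auths": [["peakd.app", 1], ["old-game", 1]],
              "key_auths": [["STM_POSTING_PUBKEY_PLACEHOLDER", 1]]}
}
""")

SENSITIVE_ROLES = ("owner", "active")  # roles that can move funds or change keys
SEVERITY_ORDER = ("HIGH", "MEDIUM", "LOW")


def audit_account(account, apps_in_use=(), untrusted_recovery=("steem",)):
    """Return (severity, message) findings for one account record.

    apps_in_use: accounts you still want to hold posting authority.
    untrusted_recovery: recovery accounts to flag (assumed default: "steem").
    """
    findings = []
    for role in ("owner", "active", "posting"):
        auth = account.get(role, {})
        threshold = auth.get("weight_threshold", 1)
        for grantee, weight in auth.get("account_auths", []):
            if role in SENSITIVE_ROLES:
                # A grantee whose weight meets the threshold can sign alone.
                sev = "HIGH" if weight >= threshold else "MEDIUM"
                findings.append((sev, f"{grantee} holds {role} authority"))
            elif grantee not in apps_in_use:
                findings.append(
                    ("LOW", f"{grantee} holds posting authority but is not in use"))
    recovery = account.get("recovery_account")
    if recovery in untrusted_recovery:
        findings.append(("HIGH", f"recovery account is {recovery}"))
    return sorted(findings, key=lambda f: SEVERITY_ORDER.index(f[0]))


if __name__ == "__main__":
    for severity, message in audit_account(SAMPLE_ACCOUNT, apps_in_use={"peakd.app"}):
        print(f"[{severity}] {message}")
```

Anything reported as HIGH or MEDIUM is a grant on the owner or active authority and is the first candidate for revocation on the permissions page.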





Don't just click on links

Phishing is one of the main ways access to your account gets exposed. Don't trust strangers on the internet who randomly send you links, or who use clickbait titles to bait you into clicking links. Follow @hivewatchers if you want to stay up to date with updates regarding phishing or other scams and spam.

Since Discord is widely used by blockchain-related projects, there are many scammers out there that may send you friend requests, just to send you links. But as technology advances, so do the brains of these dumb bad actors exploiting "the Discord loading image scam".

Stay safe. Everywhere.








Your identity on Hive is your wallet

While the majority of Hive users have anonymous usernames, some users have chosen to create an account under their real names. Hive is transparent: everything you earn or hold in Hive tokens and/or Hive Backed Dollars will be visible to anyone. This is all tied together to your username.

If we think about this and take all of the above into consideration, wouldn't it be just great to combine everything, and have the best of both worlds? Care-free transacting on the Hive blockchain, while setting up a secure environment. Let's take it a step further.





Hot and Cold wallets

If you think about how exchanges keep our funds safe, the answer may be super simple: they have cold and hot wallets. Cold wallets are usually wallets that contain idle funds (staked coins), whereas hot wallets contain funds that are constantly moving or must be available 24/7. The idea of having cold wallets on Hive does make sense, right? So, let's create hot and cold wallets on Hive.





Multiple accounts

One may wonder if it is worth it. While every account is in theory equally prone to being targeted by bad actors, limiting access and activities on an account that stores a lot of staked Hive Power would certainly help. Back in the FIAT days, I periodically checked my bank account, but I was active on my social media every day. So, why not separate these on Hive as well?

I've come up with the following accounts to create. You can adjust this setup according to your own needs of course.

Keep in mind that every account requires staked Hive Power/Resource credits to perform any actions on the Hive blockchain (minimum recommended: 25HP).


1) Activity account | Hot wallet

The purpose of an activity account is to be able to perform 90% of actions on the Hive blockchain. Writing posts, placing comments, manual voting on other posts and comments, and connecting to dApps. This is the account you will be using the most.

This account is considered to be a hot wallet. Funds will mostly be transferred between other Hive accounts (Stakeholder/Savings), and/or exchanges.

Since most of its stake is delegated by the 'stakeholder account', this account can perform almost all actions without having 'too much' hive power staked on this account.

If access to this account is lost, you lose access to your blog, your games, your Hive reputation, and NFTs if you have them, but not your HIVE and/or HBD.


2) Stakeholder account | Cold wallet

A stakeholder account would be less prone to security breaches. It is also meant to delegate stake to the other accounts so those accounts can perform actions. While most of the stake would be delegated to the 'activity account', this account is flexible enough to delegate to projects on Hive.

Of all accounts, this account will be the one that's exposed the least. This is mostly because there will be 0 posts and comments on this account, and no actions other than delegating to other accounts. We can consider this account to be a cold wallet.

The exposure of this account is only tied to its delegated stake.

If access to this account is lost, you lose access to most of your funds.


3) Savings account | Hot/Cold wallet

The purpose of a savings account is to divide your assets. This account won't post or comment either. But it will transfer funds in and out to exchanges, and between Hive wallets. This wallet would only serve for

If access to this account is lost, you lose access to your savings.



Right now, it is likely that you do all these things on one account. If you were to lose access to your account and don't have a recovery set up, you'd lose basically everything you have on Hive.



If you have enough staked Hive Power, you can claim account creation tokens on PeakD. While it takes more resource credits over time to create a token, it is unclear how much Staked Hive Power/resource credits is required when you read this. Currently, about 10K Hive Power should be enough for 1 token every few days. If you don't have enough Hive Power, make sure to check HiveOnboard where you can request an account to be created.








How do you keep your account safe and secure?

There are plenty of other ways to increase the security of your account. I've just mentioned a few; how do you keep your account safe? Share it with us below in the comment section so others who find this blog may hopefully find it useful. Other than that, I hope this article was helpful and gave you a decent explanation of why and how you can increase the security of your account(s) on Hive.

Cheers,
Ruben



