Everytime you use Steemit you enter your password to access your account, but your password is just there to help you to use only one password to generate the rest of your private keys than to let you store your 4 private keys.
Steemit uses the same code that bitcoin uses to generate the private keys. As bitcoin has a very strong security, you can find the same security in steemit.
When you type your username and your password they are then changed to your WIF. Each user has 4 different keys.
Posting Key: The posting key is used for posting and voting
Active Key:The active key is used to make transfers and place orders in the internal market.
Owner Key: The owner key is the master key for the account and is required to change the other keys.
Memo Key: The memo key is used to create and read memos.
In bitcoin a string is used to generate the WIF where the input string is called the seed. In Steemit your username password and the key type are all combined together to form the seed.
The seed is created in one way which is seed = name+role+password
If your username is guest123 and your password is P5JX8AXd7nr4WSvaT8tREkqRAWLW79bc5v9McD2mtahiPa1yi8hD
Your seeds would be as followed.
guest123active5JX8AXd7nr4WSvaT8tREkqRAWLW79bc5v9McD2mtahiPa1yi8hD
guest123posting5JX8AXd7nr4WSvaT8tREkqRAWLW79bc5v9McD2mtahiPa1yi8hD
guest123owner5JX8AXd7nr4WSvaT8tREkqRAWLW79bc5v9McD2mtahiPa1yi8hD
guest123memo5JX8AXd7nr4WSvaT8tREkqRAWLW79bc5v9McD2mtahiPa1yi8hD
All those seeds are hashed using sha256 to create the hex.
When we hash "guest123owner5JX8AXd7nr4WSvaT8tREkqRAWLW79bc5v9McD2mtahiPa1yi8hD" we get 373cc96d8a6e58b8dbf23a5b157cdc1080f06bcdeb2d6ab827147873447cfeab
Then we add 0x80 byte infront of it and we get 80373CC96D8A6E58B8DBF23A5B157CDC1080F06BCDEB2D6AB827147873447CFEAB
we hash it once more and we get B1572F6A8A22C930D90C3D47F3DA8428B16601D88D5D04FA448458D61BC6622D and we hash it once more to get "46C5996DE7F4FCE89A89C58ED84D6A595C6F246347FAD1DC1B02A434B93111DA"
we take the first 4 byte of it which is 46C5996D which is the checksum
we add the checksum to the end of the hash that we got from "guest123owner5JX8AXd7nr4WSvaT8tREkqRAWLW79bc5v9McD2mtahiPa1yi8hD" which was "373cc96d8a6e58b8dbf23a5b157cdc1080f06bcdeb2d6ab827147873447cfeab" with the 0x80 byte and we get "80373CC96D8A6E58B8DBF23A5B157CDC1080F06BCDEB2D6AB827147873447CFEAB46C5996D"
once we get the last hash after adding the checksum we encode it using Base58 and we get the private key which is "5JEcYjiDs9jcWj92wyq11jZvubq5hRCAsYaQ9czbSdC5YGtnTic"