Image credit and story idea credit:
http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now
I photo cropped and edited this image to suit my STEEMIT SECURITY STORY!
Where is The 2FA?
It has almost been a month since the Steemit Hack and I still do not see any option to add 2FA to my account. I was sure I read the message correctly from the security team when it said they would be adding 2FA to the site, but I have still not seen anything yet. Enabling 2FA is a basic necessary first step towards increased security.
What is 2FA?
Two Factor Authentication is when a separate device (i.e. Google Authenticator or Authy app on your iPhone or Android device) generates random passwords in a regular time interval for you to use when logging in. So if someone hacks your social network password they would also need to get your 2FA password too which is usually over the scope of the hack.
Long Passwords Just Don't Cut It Anymore!
We have already seen regular passwords breached here at STEEMIT last month. Hackers these days are more sophisticated and determined to hack as much as they can as fast as they can. For example look at what just happened at Bitfinex, a hacker drew down 60 million in funds in the blink of an eye, and with so much of peoples hard earned STEEM, users deserve the option to POWER UP our security.
STEEMIT Needs to get Funds in Cold Storage If they are not already!
What we have learned from the Bitfinex Hack is that in order to protect the funds they must be in cold storage, offline, not connected to the internet. Especially since our funds are locked up for 2 years while POWERED UP at STEEMIT, this should be a given.
STEEMIT Needs to Shift some of the Crazy Money to Security NOW!
This whole thing is beginning to remind me of the DAO. We have this great thing, all this money sloshing around, however we don't have a very good security plan in effect yet! We all see it every day, people with loads of steem bringing in even more every day! Some bloggers are making 25 Grand on beauty blogs, when that 25 Grand should be going to a security developer on the DL so they can keep this ship afloat! The last thing we need here is a round of socialized losses! Steemit also needs to get Insurance on their funds to protect from unforeseeable events and this will cost steem! Some of these security costs may take some of the gusto out of the short term rewards, but I think it will be well worth it in the long run.