Given that Steemit account usernames are visible to anyone, the only thing standing between an attacker and anyone's account is the password.
This is effectively the same situation as holding an NXT account. Those who have opened accounts on NXT know that passwords are not only used to log in but are also lengthy, at least 50 characters. This is a preventive measure against brute-force attacks that try random passwords in the hope of logging into an account that holds some NXT.
In the case of Steemit, things are much easier for an attacker, since:
1. usernames are still visible, and
2. the balances linked to those usernames are visible too.
This makes it many times easier for a hacker to focus all available resources on the accounts that will pay off if compromised.
Now in a previous post I suggested that a nickname should be used to attribute posts publicly, avoiding exposing the username used to log in. An alternative would be to detach the username from the log-in process and enforce longer passwords and/or keys.
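To put numbers on the 50-character argument above, here is an added example (not code from Steemit, NXT or the post's author) that estimates the search space of a short password versus a long passphrase and the time to exhaust it at an assumed guess rate. The character classes, the symbol set and the guess rate of 10^12 per second are assumptions of the example.

```python
import math

# Character classes assumed for the estimate (an assumption of this example,
# not a rule of Steemit or NXT). SYMBOLS is a representative printable set.
LOWER = "abcdefghijklmnopqrstuvwxyz"
UPPER = LOWER.upper()
DIGITS = "0123456789"
SYMBOLS = "!@#$%^&*()-_=+[]{};:,.<>?/"
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def charset_size(secret: str) -> int:
    """Alphabet size an attacker must assume, from the classes present."""
    size = 0
    if any(c in LOWER for c in secret):
        size += len(LOWER)
    if any(c in UPPER for c in secret):
        size += len(UPPER)
    if any(c in DIGITS for c in secret):
        size += len(DIGITS)
    if any(c not in LOWER + UPPER + DIGITS for c in secret):
        size += len(SYMBOLS)
    return size

def entropy_bits(secret: str) -> float:
    """Bits of search space for a uniformly random string over that alphabet."""
    return len(secret) * math.log2(charset_size(secret))

def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Years to try the whole space; an attacker expects success at about half."""
    return (2.0 ** bits) / guesses_per_second / SECONDS_PER_YEAR

def compare(short_secret: str, long_secret: str, guesses_per_second: float) -> dict:
    """Report both search spaces and how many extra bits the long secret adds."""
    short_bits = entropy_bits(short_secret)
    long_bits = entropy_bits(long_secret)
    return {
        "short_bits": round(short_bits, 1),
        "long_bits": round(long_bits, 1),
        "short_years": years_to_exhaust(short_bits, guesses_per_second),
        "long_years": years_to_exhaust(long_bits, guesses_per_second),
        "extra_bits": round(long_bits - short_bits, 1),
    }

if __name__ == "__main__":
    # Constructed samples: a typical 9-character password versus a 50-character
    # lowercase passphrase, at an assumed offline rate of 1e12 guesses/second.
    print(compare("Passw0rd!", "a" * 50, 1e12))
```

The guess rate matters only as a scale: the 50-character passphrase adds roughly 177 bits, which no realistic rate closes.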