If your active key and your memo keys are the same and you have shared your private memo key, then your account is still vulnerable.
Say for instance, I created a website and asked you to enter your private memo key, I could then transfer your funds. That’s because your memo private key is the same as your private active key. Active keys give you the right to buy/sell/deposit/withdraw funds.
The owner keys provides this same access in addition to changing your password.
My owner, active, and memo keys were the same, so I changed my owner and active keys. Afterwards I can continue to read my memos on previous transactions.
As an alternative changing your keys, you could just create a new account and then transfer your assets from the old account to the new account.
Thanks for your follow up, it is appreciated. I am fairly confident I am okay since I have n ver knowingly given anyone access to any of my private keys, but I wonder if there is a way one could do so unknowingly.
You have highlighted the memo function as a potential vulnerability. The only times I have never included any memo is when making a deposit to Openledger and entering my account name in the memo field. I don’t expect this would create a vulnerability but I would love to be corrected if I’m wrong! Thanks again!
10 steem tip for the one who can answer ;)
If your active key and your memo keys are the same and you have shared your private memo key, then your account is still vulnerable.
Say for instance, I created a website and asked you to enter your private memo key, I could then transfer your funds. That’s because your memo private key is the same as your private active key. Active keys give you the right to buy/sell/deposit/withdraw funds.
The owner keys provides this same access in addition to changing your password.
My owner, active, and memo keys were the same, so I changed my owner and active keys. Afterwards I can continue to read my memos on previous transactions.
As an alternative changing your keys, you could just create a new account and then transfer your assets from the old account to the new account.
Thanks for your follow up, it is appreciated. I am fairly confident I am okay since I have n ver knowingly given anyone access to any of my private keys, but I wonder if there is a way one could do so unknowingly.
You have highlighted the memo function as a potential vulnerability. The only times I have never included any memo is when making a deposit to Openledger and entering my account name in the memo field. I don’t expect this would create a vulnerability but I would love to be corrected if I’m wrong! Thanks again!
The memo key is a vulnerability if it matches one of your other two keys. If all 3 keys are different, then your account is secure.
Mike, my owner and active keys are the same but memo is different...is this secure in your opinion? Thanks for any feedback