Changing Password Regularly and Made Multiple Backups
I updated my password on Steem yesterday as a part of my routine I usually do.
Recent research says you shouldn't change your passwords so often but I am not sure how accurate that is. I try to change mine every 3 months. With so many exploits and hacks. It's better to be safe than sorry. Remember, having a blog on Steem or GOLOS is not like other platforms. It has monetary value and you want to keep those funds secure. This latest password change was actually long overdue. I also took the necessary steps to make multiple backups and secure them. I only leave my posting key on my local machine.
There are many reasons why to make multiple backups of your passwords. There are many situations that can occur and most regret not having more than one backup. Here are few things that could happen:
Lost - Losing your password is such a tough thing to go through. In case you lose it, you have a backup to save you.
Corrupted storage - Keeping your passwords on electronic storage come with some risks and can become corrupted. You lose your data when you have a corrupted storage and it can happen. Even if you have it on a removable storage.
User-error - This can range from mistyping and adding an extra character to accidentally deleting the file or the password itself.
This will keep your account safe. You could have just your posting key on your machine. Keeping only your posting key on your machine will keep your funds safe. In the event that someone else gains access to your posting keys, all they can do is vote, blog, and comment. They won't be able to do anything such as touch your funds or change your password.
Some may say to use a password management service which does make it easier than to have to constantly shuffle through for your passwords but you are also relying on those services to keep your passwords secure. There have been many security breaches on such services already. LastPass has dealt with a security breach as recently in March of this year. If you were to use one of these services, I would recommend 1Password. Since you would only have your posting key on one of these services it is not much of a concern if those services get hacked.