EOS FOR IDIOTS: How To Change Your EOS Active Key Using Greymass
Written by Stellabelle
A lot of you are in the same boat: you have an EOS genesis snapshot account which means that your owner key is the same as your active key. And you’ve now learned that this is a vulnerability.
I successfully changed my active key using the steps below and many people are now asking for this info.
Now you want to be safe, and you want a new active key. This tutorial shows you how to create a new active key pair and update it using the Greymass wallet. Your owner key remains the same. All we are doing is adding a new active key so that your account has two different keys: one for your owner key and a different one for your active key.
Step One: Generate A New Active Key Pair
Generate a new key pair by going here: https://nadejde.github.io/eos-token-sale/
This will create a new public and private key pair. This will be your new active key pair. When you create a new key pair, you can do this offline by turning off your internet connection, after you visit this site. It will generate key pairs even when not online. This is safer.
Step Two: Save Your New Active Key Pair
Your new active key pair consist of a public key (begins with ‘EOS’) and a private key.
Save both of these in a text file on a flash drive (usb), and print out one too. Save on several flash drives if possible. Don’t lose this.
Step Three: Change Active Key in Greymass Wallet
Now you’re ready to change your active key using the Greymass wallet: https://github.com/greymass/eos-voter
A. Open up your Greymass Wallet called EOS Voter and unlock your wallet.
B. Click on the TOOLS button at the top.
C. Click on PERMISSIONS in the Wallet Tools section.
Click on MODIFY under the Active Permission.
In the Public Key box, click in there. Delete the existing key, and then copy and paste in your new active PUBLIC key that you just generated. YOUR PUBLIC KEY GOES INTO THAT BOX. Not your private key! Repeat: paste in your NEWLY GENERATED ACTIVE PUBLIC KEY into that box, NOT YOUR PRIVATE KEY.
After you have made sure that you have safely stored your public and private active key pair that you generated, you can click UPDATE PERMISSION. This step is irreversible, so make sure you have saved your active key pair before doing this step.
That will send the updated active key permission to the EOS blockchain and it’s now changed. Check it on the blockchain to make sure it is there. Now your account will have a different active key than your owner key. Your owner key remains the same, you did not change that. The only thing you did was change your active key to a different one. So you MUST make sure that you have your OWNER public and private keys saved securely before you do any of this.
Make sure your account works with the new active key you just changed.
Load the new active key into Scatter or some other mobile EOS wallet. Use a Dapp with your active key, just to ensure it all works. Please make sure you have saved your Owner and Active keys for your account. Now you have 2 different key pairs, one set for your owner key and one set for your active key. You have 4 keys in total. MAKE SURE YOU HAVE ALL THESE SAVED IN A USB stick.
The reason you would need the owner key and active key to be different is because if someone steals your active key (that you use often), you can change this key to a different one, and keep your funds. If someone steals your owner key, you’re screwed.
So, once you confirm that your active key works for your account, and you have made sure that you have BOTH YOUR OWNER KEY (PUBLIC AND PRIVATE) AND YOUR ACTIVE KEY (PUBLIC AND PRIVATE), you can start loading wallets with only your active key, and keep your owner key stored offline. The only time you would need to use your owner key is if you need to change your active key again.
A lot of helpful noob advice used for this article is in this video: https://youtu.be/Yx_YduAgmY0