Tsab ntawv no yuav tham txog yuav ua li cas thiaj tsim tau tus password, tus txheej txheem twg yuav tsum tau ua raws thaum tsim lawv, yuav ua li cas khaws cov password thiab txo cov neeg nkag mus rau koj cov ntaub ntawv thiab nyiaj.
Cov khoom no yog ib qho txuas ntxiv ntawm tsab xov xwm "Li cas koj lo lus zais tuaj yeem ua hacked" thiab pom tau hais tias koj paub txog cov ntaub ntawv uas tau muab muaj, thiab tsis tas li ntawd, koj paub txhua txoj hauv kev uas cov passwords yuav raug kev tsim txom.
Tsim passwords
Niaj hnub no, thaum tso npe ntawm txhua tus account hauv Internet, tsim ib lo lus zais, feem ntau koj pom tus password qhov taw qhia. Yuav luag txhua qhov chaw nws ua haujlwm raws li kev soj ntsuam ntawm ob yam hauv qab no: qhov ntev ntawm tus password; lub xub ntiag ntawm cov cim tshwj xeeb, cov tsiaj ntawv loj thiab cov zauv nyob rau hauv tus password.
Dua li ntawm qhov tseeb tias cov no yog cov tseem ceeb ntawm kev tiv thaiv los ntawm kev ua yuam kev rau kev sib zog los ntawm kev quab yuam dag, ib lo lus zais uas zoo li tsis muaj zog tsis yog qhov teeb meem. Piv txwv li, ib lo lus zais zoo li "Pa $$ w0rd" (thiab ntawm no muaj cov cim tshwj xeeb thiab cov zauv) yuav tawg sai heev - vim yog qhov tseeb (raws li tau piav hauv tsab xov xwm dhau los) tib neeg tsis tshua tsim passwords (tsawg dua 50% ntawm cov passwords yog cov cim) thiab qhov kev xaiv no yog yuav tsum tau muaj nyob hauv cov leaked database uas cov neeg tuaj yeem muaj.
Yuav ua li cas? Qhov kev xaiv zoo tshaj plaws yog siv lo lus password generators (muaj nyob rau hauv Internet hauv daim ntawv ntawm cov tuam txhab hauv internet, zoo li hauv feem ntau lub computer password), tsim cov passwords ntev uas siv cov cim tshwj xeeb. Feem ntau, ib lo lus zais ntawm 10 lossis ntau tshaj li cov cim yuav tsis yog kev txaus siab mus rau lub hacker (i.e., nws software yuav tsis raug kho kom xaiv tau cov kev xaiv no) vim tias qhov sij hawm cov nqi tsis them. Tsis ntev los no, tus built-in password generator muaj nyob hauv Google Chrome browser.
Nyob rau hauv no txoj kev, lub ntsiab drawback yog tias xws li passwords yog nyuaj rau nco. Yog tias xav tau ib qho password rau hauv koj lub taub hau, muaj lwm txoj kev xaiv, raws li qhov tseeb ntawm tus password ntawm 10 cim, uas muaj cov tsiaj ntawv loj thiab cov cim tshwj xeeb, tawg los ntawm ib lub zog quab yuam ntau txhiab los yog ntau dua (cov zauv tshwj xeeb raws li cov cim kev cai), dua li lo lus zais ntawm 20 lub cim, uas tsuas yog siv cov tsiaj ntawv cim qis dua qub (txawm tias tus neeg paub txog qhov no).
Yog li, lo lus zais uas muaj 3-5 lo lus Askiv yooj yooj yim yuav nco ntsoov thiab yuav luag tsis yooj yim. Thiab muaj sau txhua lo lus nrog ib tus ntawv loj, peb nce cov kev xaiv rau qib ob. Yog hais tias cov no yog 3-5 lo lus Lavxias (dua, cov npe, cov npe thiab cov hnub tim) sau ua lus Askiv, qhov kev pom zoo ntawm kev siv cov lus dictionaries rau xaiv ib lo lus zais kuj raug tshem tawm.
Yog tsis muaj txoj hau kev los tsim txoj cai passwords: muaj qhov zoo thiab qhov tsis zoo ntawm ntau txoj hauv kev (muaj feem xyuam rau qhov kev muaj peev xwm nco ntsoov nws, kev ntseeg tau thiab lwm yam tsis muaj), tab sis cov ntsiab cai yooj yim yog raws li nram no:
- Tus password yuav tsum muaj cov cim tseem ceeb. Qhov kev txwv ntau tshaj niaj hnub no yog 8 lub cim. Thiab qhov no tsis txaus yog tias koj xav tau ib lo lus zais ruaj ntseg.
- Yog tias ua tau, nrog rau cov cim tshwj xeeb, cov ntawv sau ua qis thiab me, cov zauv ntawm tus password.
- Tsis txhob sau txog koj tus kheej cov ntaub ntawv hauv koj tus password, txawm tias nws tau muab sau rau hauv txoj kev zoo li seemingly. Tsis muaj hnub, npe thawj zaug thiab tus tsiaj ntawv. Piv txwv, rhuav tshem ib lo lus yuam kev sawv cev rau hnub tim Julian niaj hnub los txog tam sim no hnub (xws li hnub 07/18/2015 los yog 18072015, thiab lwm yam) yuav siv sijhawm ntev li ob peb teev (thiab lub moos yuav tau txais vim yog qeeb nruab nrab ntawm cov kev sim rau qee cov neeg).
Koj tuaj yeem tshawb xyuas koj tus password li cas rau ntawm qhov chaw (tab sis nkag nkag tau cov passwords hauv qee qhov chaw, tshwj xeeb tshaj yog tsis muaj https, tsis yog qhov kev xyaum ua tau zoo) /rumkin.com/tools/password/passchk.php. Yog tias koj tsis xav tshawb xyuas koj tus password tiag, sau ib tus zoo li ib tug (los ntawm tib lub cim thiab nrog tib lub cim) kom tau ib lub tswv yim ntawm nws kev ntseeg tau.
Nyob rau hauv cov chav kawm ntawm cov ntawv cim, qhov kev pab cuam laij tus entropy (mob, qhov ntau ntawm cov kev xaiv, rau entropy yog 10 cov khoom, qhov ntau ntawm cov kev xaiv yog 2 rau lub kaum hwj chim) rau ib tus password thiab muab cov lus qhia txog kev ntseeg tau ntawm ntau qhov tseem ceeb. Cov passwords nrog ib qho kev hla entropy ntawm ntau tshaj 60 yog yuav luag tsis yooj yim txawm tias thaum xaiv xaiv.
Tsis txhob siv tib lo lus password rau ntau tus account.
Yog hais tias koj muaj ib lo lus zoo zuj zus, tab sis koj siv nws qhov twg los tau, nws yuav ua tiav tsis txhij txhua. Thaum hackers mus rau hauv ib qho ntawm qhov chaw uas koj siv xws li tus password thiab nkag tau mus rau nws, koj yuav nco ntsoov tias nws yuav raug sim tam sim ntawd (siv, siv software tshwj xeeb) rau tag nrho lwm yam nrov email, gaming, social services, thiab tej zaum txawm online tso nyiaj (Txoj kev pom tau tias koj tus password twb tau raug muab teev cia nyob rau tom kawg ntawm tsab xov xwm dhau los).
Ib tus password rau txhua tus account tsis yooj yim, nws tsis yooj yim, tab sis nws yog qhov tsim nyog yog tias cov nyiaj no yog qhov tseem ceeb rau koj. Txawm hais tias, rau qee cov ntawv sau npe uas tsis muaj nuj nqis rau koj (uas yog, koj npaj txuag lawv thiab tsis txhawj) thiab tsis muaj koj tus kheej cov ntaub ntawv, koj yuav tsis tau koj tus kheej nrog cov passwords.
Ob qhov zoo sib xws
Txawm tias muaj passwords tsis tau hais tias tsis muaj leej twg tuaj yeem nkag rau koj tus account. Koj tuaj yeem nyiag tau ib lo lus zais hauv ib txoj kev los sis lwm qhov (phishing, piv txwv li, qhov kev xaiv ntau tshaj plaws) los yog tau txais los ntawm koj.
Yuav luag tag nrho cov lag luam hauv online xws li Google, Yandex, Mail.ru, Facebook, Vkontakte, Microsoft, Dropbox, LastPass, Chav thiab lwm tus neeg tsis ntev los no ntxiv qhov kev muaj peev xwm los pab rau ob qho (lossis ob kauj ruam) authentication hauv lawv cov accounts. Thiab, yog tias txoj kev nyab xeeb tseem ceeb rau koj, Kuv xav kom nws cov menyuam tuaj koom.
Qhov kev siv ntawm ob qho zoo sib xws yog txawv me ntsis rau cov kev pabcuam sib txawv, tab sis cov ntsiab lus tseem ceeb yog raws li nram no:
- Thaum nkag mus ntawm tus as khauj ntawm ib qho tsis paub hais tias, tom qab nkag nkag rau lo lus zais tseeb, koj raug hais kom coj mus kuaj ntxiv.
- Cov ntaub ntawv muaj tseeb nrog kev pabcuam ntawm SMS code, ib daim ntawv thov tshwj xeeb ntawm smartphone, los ntawm cov ntawv sau ua ntej dhau los, E-mail lus, qhov tseem ceeb tshaj plaws hauv xov tooj (qhov kev xaiv kawg hauv Google, qhov kev lag luam no feem ntau yog qhov zoo tshaj plaws ntawm ob qho zoo sib tw).
Yog li, txawm hais tias tus neeg ua tua tau kawm koj tus password, nws yuav tsis muaj peev xwm nkag mus rau hauv koj tus as khauj tsis tau rau koj cov khoom siv, xov tooj, lossis e-mail.
Yog tias koj tsis nkag siab tias qhov kev tshawb fawb tau ua ob qho haujlwm li cas, kuv pom zoo nyeem cov ntawv hauv Internet rau lub ntsiab lus no los yog cov lus piav qhia thiab cov txheej txheem rau kev nqis tes ua nyob rau cov chaw uas nws tau ua (Kuv yuav tsis muaj cov lus qhia hauv cov ntsiab lus no).
Lo lus zais cia
Nyuaj cim passwords rau txhua qhov chaw - zoo, tab sis yuav ua li cas muab cia rau lawv? Nws tsis zoo li tias tag nrho cov passwords yuav khaws cia rau hauv lub hlwb. Khaws cia cov passwords nyob rau hauv qhov browser yog ib txoj kev pheej hmoo siab: lawv tsis tsuas yog ua kom yooj yim rau kev nkag mus tsis tau tso cai, tab sis tsuas yog ua kom poob thaum muaj kev sib tsoo thiab thaum ua qhov tsis zoo.
Txoj kev daws teeb meem zoo tshaj plaws yog kev tswj hwm password, feem ntau sawv cev rau cov kev pab cuam uas khaws cia txhua yam ntaub ntawv zais cia rau hauv ib qho chaw ruaj ntseg encrypted (ob offline thiab hauv online), uas yog nkag tau siv ib tus password (koj tuaj yeem tso cai rau ob qho pov thawj). Tsis tas li ntawd, feem ntau ntawm cov kev pabcuam no muaj cuabyeej nrog cov cuab yeej los tsim thiab ntsuas qhov kev ntseeg ntawm cov passwords.
Ob peb xyoos dhau los, kuv tau sau ib tsab xov xwm txog qhov zoo tshaj plaws Password Managers (nws yog tsim nyog rov sau dua tshiab, tab sis koj tuaj yeem tau txais ib lub tswv yim ntawm nws yog dab tsi thiab cov kev pab cuam twg muaj npe hauv tsab xov xwm). Ib txhia xav daws qhov yooj yim, xws li KeePass los yog 1Password, uas khaws txhua tus passwords rau koj lub ntaus ntawv, lwm tus - ntau cov kev pabcuam uas tseem tuaj yeem ua kom muaj peev xim ntawm syncization (LastPass, Dashlane).
Cov thawj coj paub zoo txog password yog feem ntau suav tias yog kev nyab xeeb thiab muaj kev ruaj ntseg los khaws cia. Txawm li cas los xij, nws tsim nyog los saib xyuas ib co lus:
- Yuav kom nkag mus rau tag nrho koj cov passwords koj yuav tsum paub tsuas yog ib tus password master xwb.
- Hauv kev cuam tshuam ntawm hacking hauv online cia (ib lub hlis dhau los, lub ntiaj teb cov kev pabcuam uas muaj npe nrov tshaj plaws, LastPass, yog hacked), koj yuav tsum hloov tag nrho koj cov passwords.
Yuav ua li cas lwm tus tuaj yeem txuag koj cov passwords? Ntawm no yog ob peb txoj kev xaiv:
- Nyob rau hauv daim ntawv muaj kev nyab xeeb, kev nkag rau koj thiab koj tsev neeg yuav muaj (tsis tsim nyog rau cov passwords uas koj xav tau ntau zaus).
- Cov ntaub ntawv zauv hauv database (piv txwv, KeePass) muab khaws cia rau ntawm cov ntaub ntawv ceev tseg thiab muab luam tawm qhov chaw nyob thaum tsis tau.
Nyob rau hauv kuv lub tswv yim, qhov zoo tshaj plaws ua ke ntawm txhua yam kev piav qhia saum toj no yog cov nram no: qhov tseem ceeb tshaj (password) Tsis tshua muaj qhov tseem ceeb thiab, tib lub sij hawm, cov nquag siv yuav tsum raug xa mus rau tus neeg saib xyuas kev tiv thaiv (password).
Lus qhia ntxiv
Kuv vam tias cov khoom ntawm ob lo lus rau cov passwords rau qee qhov ntawm koj tau pab kom muaj kev sib luag rau qee yam kev ruaj ntseg uas koj tsis tau xav txog. Tau kawg, kuv tsis ua txhua yam kev xaiv, tiamsis yooj yim logic thiab qee qhov kev nkag siab ntawm cov ntsiab cai yuav pab tau kuv tus kheej los txiav txim siab tias yuav ua li cas muaj kev thaj yeeb zoo li cas. Ib zaug ntxiv, qee cov lus hais thiab ob peb yam ntxiv:
- Siv cov passwords sib txawv rau ntau qhov chaw.
- Cov passwords yuav tsum nyuab, qhov nyuaj tshaj plaws yog kom muaj kev nyuaj siab ntxiv los ntawm kev ua tus password ntev.
- Tsis txhob siv cov ntaub ntawv ntawm tus kheej (uas koj tuaj yeem paub) thaum tsim tus password, nws cov lus qhia, cov lus nug txog kev rov zoo.
- Siv ob kauj ruam authentication qhov ua tau.
- Nrhiav qhov zoo tshaj plaws kom koj cov passwords zoo.
- Yuav tsum ceev faj txog phom (xyuas cov chaw nyob ntawm qhov chaw, qhov muaj encryption) thiab spyware. Txhua qhov chaw uas lawv hais kom nkag mus rau ib lo lus zais, xyuas seb koj puas nkag mus rau ntawm qhov chaw. Xyuas kom tseeb tias tsis muaj malware rau hauv lub computer.
- Yog tias ua tau, tsis txhob siv koj cov passwords ntawm lwm tus neeg lub computer (yog tias tsim nyog, ua nws hauv qhov browser hom incognito, los yog zoo dua qub, siv cov keyboard screen), rau cov pej xeem qhib Wi-nkaus tes hauj lwm, tshwj xeeb tshaj yog tias koj tsis muaj https encryption thaum txuas mus rau qhov chaw .
- Tej zaum koj yuav tsum tsis txhob khaws cov tseem ceeb tshaj plaws, muaj nuj nqis, cov passwords hauv computer lossis hauv online.
Yam zoo li ntawd. Kuv xav tias kuv tau tswj los mus nce cov neeg kawm ntawv qib siab. Kuv to taub tias ntau ntawm cov saum toj no zoo nkaus li tsis zoo, kev xav zoo li "nws yuav hla kuv" tuaj, tab sis tsuas yog kev zam txim rau kev tub nkeeg thaum ua raws li cov cai tswj kev ruaj ntseg rau khaws cia cov ntaub ntawv npog cia tsuas yog qhov tsis muaj qhov tseem ceeb thiab koj qhov kev npaj rau tias nws yuav dhau los ua cov cuab yeej ntawm peb tog.