Kuthatha ixesha elingakanani ukuqhekeza igama eliyimfihlo ngokuxhomekeke kubunzima bayo?

Mundobytes » IT » Ukhuseleko » Kuthatha ixesha elingakanani ukuqhekeza igama eliyimfihlo? Izitshixo kunye nezinto ezibalulekileyo

Ixesha efunekayo ukukrazula igama eligqithisiweyo kuxhomekeke kubude bayo, ukuntsonkotha, kunye ne-algorithm eyikhuselayo.
Iipassword ezimfutshane okanye ezilula zinokuqhekeka ngemizuzwana, ngelixa ezinde nezintsonkothileyo zinokumelana nezigidi zeminyaka.
Sebenzisa oonobumba abakhulu, abancinci, amanani kunye iisimboli, kunye nabaphathi kunye nokuqinisekiswa kwamanyathelo amabini, kwandisa kakhulu ukhuseleko.

Umzobo wokhuseleko kunye neepassword ezinamandla

Ukhuseleko lwedijithali ngumba wokunyusa inkxalabo ebantwini nakumashishini. Akumangalisi ukuba: ubucukubhede bokuhlaselwa kwe-cyberattacks buyanda minyaka le, kwaye abahlaseli banezixhobo zobuchwepheshe ezithe chatha ukuqhekeza amagama ayimfihlo. Ingaba ingathatha ixesha elingakanani ukuqhekeza igama eliyimfihlo? Yaye elo xesha lixhomekeke entwenini?

Isenokubonakala ibaxiweyo, kodwa igama eligqithisiweyo likuthathe imizuzwana ukuba uyiqambe inokukhutshwa ngoko nangoko ngenkqubo ezenzekelayo. Sekunjalo, iindaba ezimnandi zezokuba ukuba ulandela imithetho embalwa elula kwaye uqonde indlela inkqubo yokucima i-decryption isebenza ngayo, Unokwenza ukufezekisa oku kube ngumsebenzi ongenakwenzeka.. Masicazulule yonke imiba, iindlela, kunye neengcebiso ezisekelwe kweyona datha yamva nje kunye nezifundo.

Amanqaku aphambili: Izinto eziphembelela ixesha lokuguqulelwa kwentsokolo

Ixesha elithathayo ukukrazula igama eligqithisiweyo alixhomekanga kuphela kwindlela oyilayo oza nayo. Ngokwenene kumiselwa yimiba emininzi yobugcisa.:

Ubude begama lokugqithisa: Okukhona isitshixo sinabalinganiswa abaninzi, kokukhona kunzima ukuyicacisa.
Ukuntsokotha komlinganiswa: Quka oonobumba abakhulu, abancinci, amanani kunye neesimboli phinda-phinda indibaniselwano enokwenzeka.
I-algorithm yeHash eyikhuselayo: Ukudala igama eligqithisiweyo kwinkqubo yakudala (umzekelo, esekelwe kwi-MD5) akufani nokudala igama eliyimfihlo kule mihla esebenzisa i-bcrypt okanye i-SHA256..
Amandla okuqhuba umhlaseli: IiGPU zanamhlanje zivumela izigidi zovavanyo ukuba lwenziwe ngomzuzwana..
Uhlobo lohlaselo: Abahlaseli banokusebenzisa amandla akhohlakeleyo, isichazi-magama, uhlaselo lwe-hybrid okanye imaski, kwaye bathathe ithuba yolwazi ivuza.

Indibaniselwano yazo zonke ezi elementi ichaza ukuba isitshixo sophukile kwimizuzwana okanye kwizigidi zeminyaka.. Ke ngoko, igama eligqithisiweyo elifanayo linokuba buthathaka kakhulu kwiwebhusayithi enye kwaye liphantse lingaphuki kwenye, kuxhomekeke kwimekobume.

Indima yobude kunye neentlobo ezahlukeneyo zabalinganiswa

Umbuzo wesigidi seedola uhlala usithi: Bangaphi abalinganiswa endibadingayo? Izifundo zangoku ziyavuma ukuba ubude bubaluleke ngakumbi kunobunzima. A) Ewe, Igama lokugqithisa elinamagama ali-16 elinoonobumba kuphela liya kuba namandla ngakumbi kunegama elintsonkothileyo elineempawu ezisi-8..

Nangona kunjalo, dibanisa ubude kunye nabalinganiswa abahlukeneyo (oonobumba abakhulu, abancinci, amanani kunye neempawu) kuthatha ukhuseleko kwelinye inqanaba. Umzekelo, ngokwedatha yamva nje evela kwiinkampani ezinjengeHive Systems, igama eliyimfihlo:

Oonobumba aba-4 (usebenzisa amanani kuphela okanye oonobumba abancinane): yaqondwa ngoko nangoko.
8 oonobumba (ukuxuba amanani, oonobumba kunye neesimboli): phakathi imizuzu kunye neeyure, Kuxhomekeka kwifayile ye- hardware kunye ne-algorithm ye-hash.
Iimpawu ezili-12 ezinzima: iminyaka ukuya kwizigidi zeminyaka.
Abalinganiswa abali-16 badibanisa zonke: akunakwenzeka ukucacisa ngamandla akhohlakeleyo (izigidi zezigidi zeminyaka).

Ukuphunyezwa kweCMOV nguLinus Torvalds kuphucula ukusebenza kweLinux kunye nokhuseleko

Kwakhona, ukuba isitshixo ligama elilula lesichazimagama, nokuba linesimboli, Inokufunyanwa ngemizuzwana ukuba ibikhe yavuza ngaphambili. Ukuthintela oku kungenzeki, funda ukwenza Nqanda iibhrawuza ekukhumbuleni amagama agqithisiweyo ngokulula kwaye ukhusele idatha yakho.

Kutheni kungasenelanga ukudibanisa kuphela oonobumba abakhulu nabancinane?

Kwiminyaka nje elishumi eyadlulayo, unegama lokugqitha elinamagama ali-10 anonobumba abakhulu, abancinci, kunye namanani Yayisisiqinisekiso esamkelekileyo. Nangona kunjalo, ngenxa yokunyuka kwehardware eya inamandla kwaye ifikeleleka, njengamakhadi emizobo ye-RTX yamva nje ukusuka Nvidia isetyenziswe efini, ixesha lokufihla lincitshiswe kakhulu.

Ngokomzekelo, isitshixo solu hlobo olunokuthi ngo-2012 luhlale ngaphezu kweminyaka eyi-100, namhlanje ingawa ngeeveki. Ke ngoko, Ngoku kuyacetyiswa ukuba usebenze ngamagama agqithisiweyo angaphezu kwe-12-14 oonobumba kwaye usoloko wongeza iisimboli ukuqinisa ukhuseleko..

Iintlobo zohlaselo kunye nendlela ezichaphazela ngayo ixesha lokufihla

Ayizizo zonke iinzame zokuqhekeza igama eligqithisiweyo zisebenza ngokufanayo. Izigebenga ze-cyber zinokusebenzisa iindlela ezininzi:

Uhlaselo olunamandla: Iquka ukuzama zonke iindibaniselwano ezinokwenzeka de igama eligqithisiweyo elichanekileyo lifunyenwe. Yeyona ndlela icothayo, kodwa ikwayeyona iqinisekisa kakhulu iziphumo ukuba kukho ixesha elingenamkhawulo kunye nezixhobo..
Uhlaselo lwesichazi-magama: Isekelwe kuluhlu lovavanyo lwamagama aqhelekileyo kunye nendibaniselwano, kunye namagama ayimfihlo avuzayo kulwaphulo lwangaphambili (HaveIBeenPwned, njl.). Izigebenga ze-Cybernakele ziba amagama ayimfihlo kwiwebhu ngale ndlela.
Uhlaselo lweHybrid: Badibanisa uluhlu lwamagama kunye nokutshintshanisa (“a” ku-“@”, umzekelo) kunye nokwahluka kwamanani.
Uhlaselo lwemaski: Ukuba umhlaseli uyazi ipateni okanye inxalenye yegama lokugqitha, banokunciphisa kakhulu inani lemizamo efunekayo.

Eyona ngozi inkulu kukusetyenziswa kwamagama ayimfihlo avuzayo okanye amagama esichazi-magama.. Ke, Zinokucaciswa ngoko nangoko nokuba zingakanani ubude okanye iisimboli ozongezayo. Ukufunda ukubakhusela njani, tyelela isikhokelo cima amagama agqithisiweyo agciniweyo kwiWindows.

Impembelelo ye-algorithm ye-hash kunye nobuchwepheshe bomhlaseli

Amagama okugqithisa akufuneki agcinwe kwisicatshulwa esingenanto; Ngokuqhelekileyo zigcinwa njenge-hash eyenziwe yi-algorithms efana ne-MD5, SHA256, bcrypt, PBKDF2, njl.. Ngamnye wabo unikeza iimpawu ezahlukeneyo kunye nokuchasana.

MD5: Umdala kunye nosengozini. Amanani okanye amagama ayimfihlo alula ukuya kuthi ga kwi-13 enobumba anokuqhekeka ngoko nangoko.
I-SHA256: Ikhuseleke ngakumbi. I<em>cipher enezinhlamvu ezili-11 equlethe amanani, oonobumba abakhulu nabancinane, kunye nemiqondiso inokuthabatha iminyaka engaphezu kwama-2.000 XNUMX ukuqhekeka. Funda indlela yokubuyisela igama lokugqitha kwi-Android ukuba uneengxaki ngofikelelo.
Bcrypt: Ibandakanya i-salting (idatha eyongezelelweyo engahleliweyo) kunye nexabiso lexabiso (imijikelo engaphezulu yoguqulelo oluntsonkothileyo), iyenza yomelele ngokugqithisileyo. Iphasiwedi eyakhiwe kakuhle eneempawu ezisi-8 inokuthatha iminyaka engama-27.000 ukuqhekeka, kwaye negama eliyimfihlo elinoonobumba abali-12 okanye abali-14 ngokuqinisekileyo lingenakonakaliswa kunyanzeliso lwenkohlakalo.

I-Python kwi-Cybersecurity: Ukusetyenziswa kweSokethi ekwinqanaba eliphezulu, i-Scpy, izicelo, kunye ne-BeautifulSoup

Inyaniso kukuba nokuba i-algorithm ikhuselekile, ukuba igama eliyimfihlo libuthathaka okanye livuza, liba sengozini.

Kuthatha ixesha elingakanani ukuqhekeza igama eliyimfihlo? Iitafile zesikhokelo

Iinkampani ezifana ne-Hive Systems zipapasha uqikelelo lonyaka lwamaxesha afunekayo ukuze uqhekeze amagama ayimfihlo ngokusekwe kwiimeko eziyinyani (i-hardware ephuculweyo kunye ne-hashed passwords). Amakhadi emizobo yesizukulwana samva nje se-Nvidia kunye noseto lwenyani lwe-hash luqhele ukusetyenziswa.

Inombolo/igama lokugqitha elilula (ukuya kuthi ga kwi-10 loonobumba): ukucima ngoko nangoko.
Abalinganiswa abali-8 badibanisa zonke: iiyure ukuya kwi-164 iminyaka (kuxhomekeke kubunzima kunye nehashi).
Abalinganiswa abali-12 abanesimboli: ukusuka kwiminyaka ukuya kwizigidi zeminyaka ukuyiqhekeza.
14 ukuya 16 abalinganiswa random: amawaka ezigidi zeminyaka.

Kwiimeko ezinamagama ayimfihlo akhuselweyo nge-bcrypt kunye nehardware ephezulu kakhulu, ukwaphula igama eliyimfihlo elinamagama angama-8 kunokuthatha ukuya kuthi ga kwiminyaka eyi-12, ngelixa indibaniselwano engaqhelekanga okanye evuzayo inokophuka kwimizuzwana nje embalwa.

Kutheni iipassword ezininzi zeakhawunti zihlala zifakwa esichengeni?

Phezu kwawo nje la manani, izigidi zeeakhawunti zisaqhubeka zifakwa esichengeni. Oku kungenxa yokuba:

Amagama okugqithisa asetyenziswa kwakhona. Ukuba isitshixo sibonakala kwindawo evuzayo, umhlaseli unokusivavanya kwezinye iiakhawunti.
Iipateni okanye iinkcukacha zomntu zisetyenziswa (amagama, imihla yokuzalwa, amaqela ebhola ekhatywayo, ukutya okuthandayo…).
Amagama okugqithisa alula kakhulu okanye amafutshane. Iinkqubo zokuhlasela ezizenzekelayo ziyawaqhekeza ngemizuzwana.
Uqinisekiso lwamanyathelo amabini okanye i-MFA ayisetyenziswanga.

Nokuba i-hashing algorithms eyomeleleyo inokubonelela ngokhuseleko olungcono xa igama eliyimfihlo lingenamkhethe kwaye lide. Ukuba igama eligqithisiweyo lilula okanye sele livuza, abahlaseli banokusebenzisa iitafile ze-rainbow okanye uhlaselo lwesichazi-magama ukuze bafikelele ngokukhawuleza. Ukuzikhusela, jonga isikhokelo Yenza amagama ayimfihlo akhuselekileyo ngeChatGPT.

Izixhobo zokukhusela ezicetyiswayo kunye neendlela

Uninzi lweengcali kunye neenkampani khu seleko bayavumelana ngezikhokelo ezininzi zokhuseleko:

Sebenzisa ixesha elide (ubuncinci beempawu ezili-12-16) kunye namagama ayimfihlo anzima. Soloko udibanisa iisimboli kwaye udibanise oonobumba abakhulu, abancinci, kunye namanani kwiipateni ezingalindelekanga.
Yenza igama lokugqitha elilodwa kwinkonzo nganye. Ngaloo ndlela, ukuba umntu uyavuza, ayifaki esichengeni zonke iiakhawunti zakho.
Musa ukuphinda usebenzise amagama ayimfihlo naphantsi kwayo nayiphi na imeko.
Ziphephe iinkcukacha zobuqu kunye namagama esichazi-magama.
Sebenzisa abaphathi begama lokugqitha (Bitwarden, LastPass, 1Password, njl.) ukwenza nokugcina amagama ayimfihlo awomeleleyo ngaphandle kokuba uwakhumbule onke.
Yenza uqinisekiso lwezinto ezininzi (MFA) nanini na kunokwenzeka. Ukuba unokunqanda i-SMS, kungcono ukubheja apps njengaye Ukugcina o Uphando Isiqinisekisi, okanye iithokheni zomzimba.

Isebenza njani iMicrosoft's Smart App Control ye Windows 11: IsiKhokelo esipheleleyo, esiSebenzayo

Ubuchwephesha obungenamagama kunye ne-MFA zenza kube nzima ukuba umhlaseli afikelele kwiiakhawunti zakho ngegama lakho eliyimfihlo, nokuba uyakwazi ukuliqhekeza. Ukuze ufumane iinkcukacha ezingaphezulu, bona ukuba njani fumana igama lomsebenzisi kunye negama lokugqitha kwizixhobo.

Iimpazamo eziqhelekileyo kunye neengcebiso ezisebenzayo zokwenza iiphasiwedi ezinamandla

Abantu abaninzi benza impazamo yokusebenzisa igama eliyimfihlo kuyo yonke into. Abanye bakhetha iipateni ekulula ukuzikhumbula okanye babhale amagama ayimfihlo kwiindawo ezingakhuselekanga. Nako sisiya iingcebiso ezibalulekileyo:

Qiniseka ukuba zonke iipassword zakho zinde kunoonobumba abali-12.
Khetha imidibaniso engenakwenzeka ukuba idityaniswe nawe: akukho mihla, amagama, iinkcukacha zomntu okanye uphindaphindo.
Ngqiyama kwi I-mnemonics zobuqu ukukhumbula izitshixo, kodwa ukuze kungabikho mntu unokuthelekelela.
Musa ukugcina amagama ayimfihlo kwizikhangeli zikawonke-wonke okanye izixhobo ekwabelwana ngazo.
Sebenzisa abaphathi begama lokugqitha ukwenza, ukulawula, kunye nokutshintsha amagama ayimfihlo..

Khumbula ukuba iinkonzo ezininzi zibonelela ukujonga ukuba amagama akho ayimfihlo aye achaphazeleka ngaphambili. Izixhobo ezifana UTHIWE Banokukwazisa ukuba kukho naziphi na iiakhawunti zakho ezibonakala zivuza.

Yintoni esinokuyilindela kwixa elizayo?

Umkhwa ucacile: amandla e-hardware aya kuqhubeka nokunyuka, okwenza iiphasiwedi ezilula zikhuseleke kancinci. Kunjalo ngoba, Iisistim zokuqinisekisa ezingenamagama okanye ezo zinezinto ezongezelelekileyo ezinje ngebhayometriki, iiapps eziphathwayo okanye izitshixo zomzimba ngokuthe ngcembe ziye zixhaphake ngakumbi. i-USB. Ukuze ufunde ngakumbi malunga neenketho ezikhoyo, tyelela inqaku lethu.

Ukuqhubela phambili kwe-computing yefu kukwavumela abahlaseli abakhuthazayo ukuba baqeshe ii-GPU ezinamandla kwaye baqalise uhlaselo olukhulu ngeeyure ngexabiso eliphantsi. Kodwa wena Unokwenza kube nzima kakhulu kuye ngokulandela iingcebiso ezingentla..

Yonke into ibhekisela kwinto yokuba eyona ndlela yokukhusela ihlala ikhusela. Khetha i-random, amade, kunye namaphasiwedi anamandla, kunye nokusetyenziswa kwabaphathi bephasiwedi kunye nokuqinisekiswa kwamanyathelo amabini., yeyona ndlela ilula nesebenzayo yokuphepha izoyikiso kwi-Intanethi. Ngolwazi lwanamhlanje kunye nezixhobo, unayo yonke into oyifunayo ukwakha inqaba malunga nesazisi sakho sedijithali.

Inqaku elidibeneyo:

Gqibezela isikhokelo sokwenza amagama ayimfihlo angaqhelekanga kwikhonsoli yeWindows

UIsake

Umbhali onomdla malunga nehlabathi le-bytes kunye netekhnoloji ngokubanzi. Ndiyakuthanda ukwabelana ngolwazi lwam ngokubhala, kwaye yile nto ndiza kuyenza kule bhlog, ndikubonise zonke izinto ezinomdla malunga nezixhobo, isoftware, ihardware, iindlela zetekhnoloji, kunye nokunye. Injongo yam kukukunceda uhambe kwihlabathi ledijithali ngendlela elula neyonwabisayo.