Le ndatshana izodingida ukuthi ungayakha kanjani i-password evikelekile, yiziphi izimiso okufanele zilandelwe lapho uzidala, ungawagcina kanjani amaphasiwedi futhi unciphise amathuba okuba abasebenzisi abanonya bathole ukufinyelela kulwazi nama-akhawunti akho.
Lokhu okuqukethwe kungukuqhubeka kwendatshana ethi "Iphasiwedi yakho ingaqhekeka kanjani" futhi isho ukuthi ujwayelene nezinto ezethulwe lapho noma usuvele wazi zonke izindlela eziphambili lapho amaphasiwedi angahlehliswa.
Dala amaphasiwedi
Namuhla, lapho ubhalisa i-akhawunti ye-Inthanethi, ukudala iphasiwedi, uvame ukubona inkomba yamandla e-password. Cishe yonke indawo isebenza ngokusekelwe ekuhlolweni kwalezi zinto ezimbili ezilandelayo: ubude bephasiwedi; ukuba khona kwezinhlamvu ezikhethekile, izinhlokodolobha ezinkulu nezinamba kuphasiwedi.
Naphezu kweqiniso lokuthi le yimingcele ebaluleke ngempela yokumelana ne-password ngokugenca ngamandla kwe-brute Force, iphasiwedi ebonakala inokwethenjwa ohlelweni ayihlali njalo injalo. Isibonelo, iphasiwedi enjenge- "Pa $ $ w0rd" (futhi kunezinhlamvu ezikhethekile nezinombolo lapha) izokwephuka ngokushesha okukhulu - ngenxa yokuthi (njengoba kuchaziwe endabeni edlule) abantu kuyaqabukela ukudala amaphasiwedi ahlukile (ngaphansi kwama-50% wamaphasiwedi ahlukile) futhi inketho ekhonjisiwe kungenzeka isivele imininingo yolwazi evuthiwe etholakala kubahlaseli.
Ungaba kanjani Inketho engcono kakhulu ukusebenzisa ama-password aakhiqiza (atholakala kwi-Intanethi njengezinsiza ezikwi-Intanethi, kanye nakubaphathi abaningi bephasiwedi bamakhompyutha), enza amaphasiwedi amade angahleliwe esebenzisa izinhlamvu ezikhethekile. Ezimweni eziningi, iphasiwedi yezinhlamvu eziyi-10 noma ngaphezulu zalezi zinhlamvu ngeke nje ibe nesithakazelo kumqhekeki (isb., Isoftware yakhe ngeke ilungiselelwe ukukhetha lezo zinketho) ngenxa yokuthi isikhathi esichithiwe ngeke sikhokhe. Muva nje, umkhiqizi wephasiwedi owakhelwe ngaphakathi uvele kusiphequluli se-Google Chrome.
Ngale ndlela, ubungozi obukhulu ukuthi kunzima ukukhumbula amaphasiwedi anjalo. Uma kunesidingo sokugcina iphasiwedi engqondweni, kunolunye ukhetho olususelwa ekutheni iphasiwedi enezinhlamvu eziyi-10 eziqukethe izinhlamvu eziphezulu nezinhlamvu ezikhethekile ziqhekekile ngokusesha izinkulungwane noma ngaphezulu (izinombolo ezithile zincike kusethi lwezinhlamvu oluvumelekile), izikhathi zilula, kunephasiwedi enezinhlamvu ezingama-20 eziqukethe izinhlamvu ezincane zesiLatini kuphela (noma ngabe umhlaziyi ezazi ngayo).
Ngakho-ke, iphasiwedi enezinhlamvu ezingama-3-5 ezilula ezingahleliwe zamagama esiNgisi izoba lula ukukhumbula futhi icishe ingenzeki. Futhi njengoba sesibhale igama ngalinye ngohlamvu oluyinhlanganisela, siphakamisa inani lokukhethwa kufinyelela kwesibili. Uma kuzoba amagama angama-3-5 waseRussia (futhi ngokungahleliwe, esikhundleni samagama nezinsuku) ezibhalwe ngendlela yesiNgisi, kungenzeka ukuthi izethulo zokusebenzisa izindlela eziyinkimbinkimbi zokusebenzisa izichazamazwi ekukhetheni iphasiwedi nazo zizosuswa.
Mhlawumbe ayikho indlela eyiqiniso yokwakha amaphasiwedi: kukhona izinzuzo nobubi ngezindlela ezahlukahlukene (ezihambisana nekhono lokukhumbula, ukuthembeka, nezinye izinhlaka), kepha imigomo eyisisekelo imi ngalendlela elandelayo:
- Iphasiwedi kumele ibe nenombolo enkulu yezinhlamvu. Umkhawulo ojwayelekile kakhulu ezinsukwini eziyi-8. Futhi lokhu akwanele uma udinga iphasiwedi evikelekile.
- Uma kungenzeka, izinhlamvu ezikhethekile, izinhlamvu zamacala aphezulu nezincane, izinombolo kufanele zifakwe kuphasiwedi.
- Ungalokothi ufake idatha yomuntu siqu ku-password, noma erekhodwe izindlela ezibonakala “zinobuqili”. Akunazinsuku, amagama nezibongo. Isibonelo, ukwephula iphasiwedi emelela noma yiluphi usuku lwekhalenda lanamuhla likaJulian kusuka ngonyaka we-0 kuya osukwini lwanamuhla (lohlobo ngoJulayi 18, 2015 noma u-18072015, njll.) Kuzothatha imizuzwana kuye emahoreni (futhi noma kunjalo, iwashi lizophuma kuphela ngenxa yokubambezeleka phakathi kokuzama amanye amacala).
Ungahlola ukuthi i-password yakho iqine kangakanani esizeni (yize ukufaka amaphasiwedi kwamanye amasayithi, ikakhulukazi ngaphandle kwe-https akuyona into ephephe kakhulu) //rumkin.com/tools/password/passchk.php. Uma ungafuni ukuqinisekisa iphasiwedi yakho yangempela, faka inani elifanayo (elivela kwinani elifanayo lezinhlamvu kanye nesethi efanayo yezinhlamvu) ukuthola umbono wamandla ayo.
Ngenqubo yokufaka izinhlamvu, insizakalo ibala okufakiwe (ngokwesimo, inani lezinketho ze-entropy lingama-bits ayi-10, inani lokukhethwa lingamandla amabili kuya kweshumi) ngephasiwedi enikeziwe futhi linikeza usizo ekuthembekeni kwamanani ahlukahlukene. Amaphasiwedi ane-entropy engaphezu kwe-60 cishe akunakwenzeka ukuthi aqhekeke noma ngesikhathi sokukhethiwe.
Musa ukusebenzisa amaphasiwedi afanayo kuma-akhawunti ahlukile
Uma une-password enkulu eyinkimbinkimbi, kepha uyisebenzisa nomaphi lapho ungathola khona, ngokuzenzakalelayo iba ngethembekile ngokuphelele. Lapho nje abaduni begqekeza kunoma yiliphi isayithi lapho usebenzisa khona iphasiwedi enjalo futhi ufinyelele kuyo, qiniseka ukuthi izohlolwa ngokushesha (ngokuzenzakalelayo, kusetshenziswa isoftware ekhethekile) kuwo wonke amanye ama-imeyili athandwayo, amageyimu, izinsizakalo zenhlalo, futhi mhlawumbe amabhange e-inthanethi (Izindlela zokubona ukuthi ngabe iphasiwedi yakho isivele ivuthiwe inikezwa ekugcineni kwendatshana edlule).
Iphasiwedi eyingqayizivele ye-akhawunti ngayinye inzima, ayilunganga, kepha iyadingeka uma la ma-akhawunti okungenani ebaluleke kuwe. Noma, kwezinye izinto ezibhalisiwe ezingenalo inani lakho (okungukuthi, usukulungele ukulahlekelwa yizo futhi ngeke ukhathazeke) futhi ungaqukathi imininingwane eyimfihlo, awukwazi ukuhlasela ngamaphasiwedi ahlukile.
Ukuqinisekiswa kwezinto ezimbili
Ngisho nama-password anamandla awaqinisekisi ukuthi akekho umuntu ongena ngemvume ku-akhawunti yakho. Iphasiwedi intshontshwa ngandlela thile (phishing, ngokwesibonelo, njengenketho evame kakhulu) noma itholakale kuwe.
Cishe zonke izinkampani ezinkulu ze-inthanethi kufaka phakathi iGoogle, Yandex, mail.ru, i-Facebook, i-VKontakte, iMicrosoft, eyinqolobane, i-LastPass, i-Steam nezinye zengeze amandla okugunyaza ukuqinisekiswa kwezinto (noma izinyathelo ezimbili) kuma-akhawunti kusukela muva nje. Futhi, uma ukuphepha kubalulekile kuwe, ngincoma kakhulu ukukuvula.
Ukuqaliswa kokuqinisekiswa kwezici ezimbili kusebenza okuhlukile okuthe xaxa ngezinsizakalo ezihlukile, kepha umgomo oyisisekelo unje:
- Uma ungena kwi-akhawunti yakho kusuka kudivayisi engaziwa, ngemuva kokufaka iphasiwedi efanele, ucelwa ukuba uhlole isheke eyengeziwe.
- Isheke lenzeka kusetshenziswa ikhodi ye-SMS, uhlelo olukhethekile ku-smartphone, kusetshenziswa amakhodi aphrintiwe ngaphambilini, umlayezo we-E-mail, ukhiye wehardware (inketho yokugcina ivela kwaGoogle, le nkampani ngokuvamile ingumholi ngokuya ngezinto ezimbili).
Ngakho-ke, noma ngabe umhlaseli ethola iphasiwedi yakho, ubengeke akwazi ukungena ku-akhawunti yakho ngaphandle kokufinyelela kumadivayisi akho, ifoni, i-imeyili.
Uma ungaqondi ngokuphelele ukuthi kusebenza kwezinto ezimbili kusebenza kanjani, ngincoma ukufunda izindatshana ku-inthanethi ngalesi sihloko noma izincazelo nemihlahlandlela yokwenza kumasayithi ngokwawo, lapho iqaliswa khona (angizokwazi ukufaka imiyalo enemininingwane kule ndatshana).
Isitoreji sephasiwedi
Amaphasiwedi ahlukile wesayithi ngayinye muhle, kepha ngiwabeka kanjani? Akunakwenzeka ukuthi wonke la mapasiwedi angagcinwa engqondweni. Ukugcina amaphasiwedi agciniwe esipheqululini kuwumsebenzi oyingozi: azigcini nje ngokuba sengozini yokufinyelela okungagunyaziwe, kepha kumane kungalahleka uma kwenzeka ukushayisana kohlelo nalapho ukuvumelanisa kukhutshaziwe.
Isixazululo esihle kunazo zonke sibhekwa njengabaphathi be-password, okuyiwona magama amaningi izinhlelo ezigcina yonke idatha yakho eyimfihlo kwisitoreji esiphephile esifihliwe (kokubili okungaxhunyiwe ku-inthanethi naku-inthanethi), okutholakala kusetshenziswa iphasiwedi eyodwa (ungavumela ubuqiniso bezinto ezimbili). Iningi lalezi zinhlelo lihlonyelwe namathuluzi wokukhiqiza nokuhlola amandla wephasiwedi.
Eminyakeni embalwa edlule ngabhala i-athikili ehlukile mayelana nabaphathi abakhulu bephasiwedi (kufanelekile ukuyibhala kabusha, kepha ungathola umbono wokuthi iyini nokuthi yiziphi izinhlelo ezithandwayo ezivela esihlokweni). Abanye bakhetha izixazululo ezilula ezingaxhunyiwe ku-inthanethi, njenge-KeePass noma i-1Password, egcina wonke amaphasiwedi kudivayisi yakho, abanye bakhetha izinsiza kusebenza ezisebenzayo ezibuye zinikeze amandla okuvumelanisa (i-LastPass, i-Dashlane).
Abaphathi bephasiwedi abaziwayo ngokuvamile babhekwa njengendlela ephephe kakhulu nethembekile yokuyigcina. Noma kunjalo, kufanelekile ukubheka eminye imininingwane:
- Ukungena kuwo wonke amaphasiwedi wakho kudingeka wazi iphasiwedi eyodwa kuphela.
- Endabeni yokugenca kwesitoreji esiku-inthanethi (empeleni ngenyanga edlule, insizakalo yokulawulwa kwephasiwedi ye-LastPass ethandwa kakhulu emhlabeni ibanjwe), kuzodingeka uguqule wonke amaphasiwedi wakho.
Ngingaphinde ngiwagcine kanjani amaphasiwedi ami abalulekile? Nazi izinketho ezimbalwa:
- Ephepha ephepheni lapho wena namalungu omndeni wakho nizokwazi ukufinyelela khona (awalungele amaphasiwedi adinga ukusetshenziswa kaningi).
- Imininingwane ye-password engaxhunyiwe ku-inthanethi (ngokwesibonelo, i-KeePass) egcinwe kudivayisi yokugcina yesikhathi eside futhi iphindwe kabili endaweni ethile uma kungenzeka ilahlekelwe.
Ngokubona kwami, inhlanganisela efanelekile yazo zonke lezi ezingenhla iyindlela elandelayo: amaphasiwedi abaluleke kakhulu (i-E-mail eyinhloko, ongabuyisela amanye ama-akhawunti, ibhange, njll.) Agcinwe ekhanda futhi (noma) ephepheni endaweni ephephile. Okubaluleke kakhulu futhi, ngasikhathi sinye, ezisetshenziswa kaningi kufanele zinikezwe ezinhlelweni zemenenja ye-password.
Imininingwane eyengeziwe
Ngiyethemba ukuthi ukuhlanganiswa kwezindatshana ezimbili ngesihloko samaphasiwedi kusize abanye bakho ukuthi banake ezinye izici zokuphepha ongacabangi ngazo. Vele, angizange ngicabangele konke ongakwenza, kepha ukuqonda okulula nokuqonda imigomo kuzongisiza ukuthi nginqume ukuthi kuphephile kangakanani okwenzayo ngomzuzu othile. Futhi, abanye basho namaphuzu athile angeziwe:
- Sebenzisa amaphasiwedi ahlukile kumasayithi ahlukile.
- Amaphasiwedi kufanele abe yinkimbinkimbi, futhi ungakhuphula ukuxaka kakhulu ngokwandisa ubude be-password.
- Ungasebenzisi idatha yomuntu siqu (engatholakala) lapho udala iphasiwedi uqobo, nokukubonisa, imibuzo yokuphepha yokululama.
- Sebenzisa ukuqinisekiswa okuzinyathelo ezimbili lapho kungenzeka.
- Thola indlela engcono kakhulu yokugcina amaphasiwedi ngokuphepha.
- Qaphela ubugebengu bokweba imininingwane ebucayi (hlola amakheli e-webhusayithi, ukubethela) kanye ne-spyware. Nomaphi lapho ucelwa ukuthi ufake iphasiwedi, hlola ukuthi uyifaka ngempela esizeni esifanele. Gcina ikhompyutha yakho ingenayo i-malware.
- Uma kungenzeka, ungasebenzisi amaphasiwedi wakho kumakhompyutha abanye abantu (uma kunesidingo, kwenze ngendlela ye-"incognito" yesiphequluli, futhi uthayiphe kangcono kusuka kwikhibhodi ekusikrini), kumanethiwekhi we-Wi-Fi avulekile womphakathi, ikakhulukazi uma kungekho ukubethelwa kwe-https uma uxhuma esizeni .
- Mhlawumbe akufanele ugcine amaphasiwedi abaluleke kakhulu kwikhompyutha noma kwi-inthanethi abaluleke kakhulu.
Into efana naleyo. Ngicabanga ukuthi ngikwazile ukukhuphula izinga lokuqina kwengqondo. Ngiyaqonda ukuthi okuningi kwalokho okuchaziwe kubonakala kungahambi kahle, imicabango efana nokuthi "kahle, izongidlula" ingaqhamuka, kepha isizatho sobuvila kuphela lapho silandela imithetho yezokuphepha elula lapho sigcina imininingwane eyimfihlo kungaba nje ukungabaluleki kwayo nokubaluleka kwakho koku ukuthi iyoba impahla yabantu besithathu.