Amaphasiwedi wokugenca, akunandaba ukuthi ayimaphi amaphasiwedi - avela ema-mail, asebhange eliku-inthanethi, e-Wi-Fi noma e-VKontakte nase-Odnoklassniki akhawunti, usanda kuba ngumcimbi ovame ukwenziwa. Lokhu kungenxa yokuthi abasebenzisi abalandeli imithetho elula yezokuphepha lapho bedala, begcina futhi besebenzisa amaphasiwedi. Kodwa lesi akusona ukuphela kwesizathu amaphasiwedi angawela ezandleni ezingalungile.
Le ndatshana inikezela ngemininingwane enemininingwane yokuthi yiziphi izindlela ezingasetshenziswa ukuqhekeka amaphasiwedi abasebenzisi nokuthi kungani usengozini yokuhlaselwa okunje. Ekugcineni, uzothola uhlu lwezinsizakalo eziku-inthanethi ezizokwazisa uma ngabe iphasiwedi yakho isivele ibuthisiwe. Kuzoba nokuthi (sekuvele kukhona) i-athikili yesibili ngesihloko, kepha ngincoma ukuqala ukufundwa ngesibuyekezo samanje, bese kuqhubekela kokulandelayo.
Vuselela: lokhu okulandelayo kulungele - Mayelana nokuphepha kwephasiwedi, okuchaza ukuthi ungakwandisa kanjani ukuphepha kwama-akhawunti akho namaphasiwedi.
Yiziphi izindlela ezisetshenziselwa ukweqa amaphasiwedi?
Ukweqa amaphasiwedi, kusetshenziswa uhla olungafani kangako lwamasu ahlukile. Cishe bonke bayaziwa futhi cishe noma ikuphi ukuyekethisa kolwazi oluyimfihlo kutholakala ngokusebenzisa izindlela ngazinye noma ukuhlanganiswa kwabo.
Ubugebengu bokweba imininingwane ebucayi
Indlela ejwayelekile yokuthi amaphasiwedi ezinsizakalo ezaziwa nge-imeyili kanye nezinkundla zokuxhumana "ahlanekezelwe" kuze kube manje ukuheha imininingwane ebucayi, futhi le ndlela isebenza ngamaphesenti amakhulu abasebenzisi.
Umnyombo wale ndlela ukuthi uzitholele isayithi ocabanga ukuthi liyayazi (i-Gmail efanayo, i-VK noma i-Odnoklassniki, isibonelo), futhi ngesizathu esithile ucelwa ukuba ufake igama lakho lomsebenzisi nephasiwedi (ukufaka, ukuqinisekisa okuthile, ukuyishintsha, njll.). Ngokushesha ngemuva kokufaka iphasiwedi, umhlaseli uzithola.
Kwenzeka kanjani lokhu: ungathola incwadi, okusolwa ukuthi ivela kwinsizakalo yokusekelwa, ikwazisa ngesidingo sokungena kwi-akhawunti yakho futhi unikezwe isixhumanisi, lapho uya kuleyo sayithi, iwebhusayithi evimbela ngqo lena yasekuqaleni. Kungenzeka ukuthi ngemuva kokufaka ngengozi isoftware engafuneki kukhompyutha, izilungiselelo zesistimu ziguqulwa ngendlela yokuthi lapho ufaka ikheli lesayithi olidingayo kubha yamakheli esiphequluli, empeleni ufika kusayithi lobugebengu bokweba imininingwane ebucayi elakhiwe ngendlela efanayo.
Njengoba sengishilo, inqwaba yabasebenzisi ihlangabezana nalokhu, futhi imvamisa lokhu kungenxa yokunganaki:
- Lapho uthola incwadi ethi ngandlela thile ikumema ukuthi ungene ku-akhawunti yakho esizeni esithile, naka ukuthi ngabe yathunyelwa ngempela yini ekhelini le-imeyili kuleli sayithi: amakheli afanayo ahlala esetshenziswa. Isibonelo, esikhundleni [email protected], kungahle kube [email protected] noma okuthile okufanayo. Noma kunjalo, ikheli elifanele alihlali liqinisekisa ukuthi konke kuhleliwe.
- Ngaphambi kokufaka iphasiwedi yakho endaweni ethile, bheka ngokucophelela ibha yekheli lesiphequluli sakho. Okokuqala, isayithi ofuna ukuya kulo kumele likhonjiswe lapho. Noma kunjalo, esimweni se-malware ekhompyuter, lokhu akwanele. Kufanele futhi unake ubukhona bokubethela koxhumo, okunganqunywa ngokusebenzisa i-protocol ye-https esikhundleni se-http kanye nesithombe "sokukhiya" kubha yamakheli, ngokuchofoza ongakuqinisekisa ukuthi ukuleli sayithi. Cishe zonke izinsiza ezingathi sína ezidinga ukusetshenziswa kokubhala ngemfihlo kwe-akhawunti.
Ngendlela, ngizokubona lapha ukuthi ukuhlaselwa kobugebengu bokweba imininingwane ebucayi kanye nezindlela zokuqhekeka ngamaphasiwedi (ezichazwe ngezansi) akuchazi umsebenzi obuhlungu nowokuphamba komuntu oyedwa namuhla (okusho ukuthi, akadingi ukufaka amaphasiwedi ayisigidi ngesandla) - konke lokhu kwenziwa ngezinhlelo ezikhethekile, ngokushesha nangezinombolo ezinkulu. , bese ubika impumelelo kumhlaseli. Ngaphezu kwalokho, lezi zinhlelo zingahle zingasebenzi kwikhompyutha ye-hacker, kepha ngasese kweyakho nasezinkulungwaneni zabanye abasebenzisi, ngezinye izikhathi ezandisa ukusebenza kokuqhekeka.
Ukufaniswa kwephasiwedi
Ukuhlaselwa okusetshenziswa ukuqagela nge-password (i-Brute Force, i-brute Force ngesiRussia) nakho kuvame kakhulu. Uma iminyaka embalwa edlule, iningi lalokhu kuhlaselwa bekubhala ngempela yonke inhlanganisela yohlamvu oluthile lwabalingisi ukuqamba amaphasiwedi wobude obuthile, khona-ke okwamanje yonke into ilula ngandlela-thile (kubaduni).
Ukuhlaziywa kwezigidi zamaphasiwedi avutshwe eminyakeni edlule kukhombisa ukuthi ngaphansi kwengxenye yawo ahlukile, kanti amaphesenti amasayithi angenalwazi kakhulu “akanalwazi”.
Kusho ukuthini lokhu? Ngokwesimo esejwayelekile, umdubuli akadingi ukuhlela ngokusebenzisa izigidi ngezigidi zezinhlanganisela: ukuba ne-database yamaphasiwedi ayizigidi eziyi-10-15 (inani elilinganisiwe, kepha eliseduze neqiniso) futhi ukufaka lezi zinhlanganisela kuphela, angaphamba cishe isigamu sama-akhawunti kunoma yisiphi isiza.
Endabeni yokuhlaselwa okuhlosiwe ku-akhawunti ethile, ngaphezu kwedatha, amandla asetshenziswa kalula ama-brute angasetshenziswa, futhi isoftware yanamuhla ikuvumela ukuba wenze lokhu ngokushesha: iphasiwedi yezinhlamvu eziyi-8 ingaqhekeka endabeni yezinsuku (futhi uma lezi zinhlamvu zimelela usuku noma inhlanganisela yamagama nezinsuku, okungajwayelekile - ngamaminithi).
Uyacelwa ukuthi uqaphele: uma usebenzisa i-password efanayo kumasayithi ahlukene nezinsizakalo, lapho-ke lapho iphasiwedi yakho nekheli le-imeyili elihambisanayo litholisiwe kunoma yikuphi kubo, usebenzisa isoftware ekhethekile, inhlanganisela efanayo yokuloga nephasiwedi izohlolwa kumakhulu ezinye izingosi. Isibonelo, ngemuva nje kokuvuza kwamaphasiwedi we-Gmail kanye ne-Yandex ayisigidi ngasekupheleni konyaka owedlule, igagasi lokuqothuka kwama-akhawunti we-Origin, Steam, Battle.net ne-Uplay akhukhulekile (ngicabanga, nabanye abaningi, bavele bangithinta kumasethingi wegeyimu acacisiwe).
Ukugenca amasayithi nokuthola i-password hashes
Amasayithi abucayi kakhulu awagcini iphasiwedi yakho ngendlela oyazi ngayo. Kuphela i-hashi eligcinwe ku-database - umphumela wokusebenzisa umsebenzi ongenakuphikwa (okungukuthi, awukwazi ukuthola iphasiwedi yakho futhi kulo mphumela) ungene kuphasiwedi. Uma ufaka isiza, i-hashi iyaphindwa futhi, futhi uma ifana nalokho okugcinwe database, lapho ufaka iphasiwedi kahle.
Njengoba ungahle uqagele, yikukujaha okugcinwe, hhayi amaphasiwedi ngokwawo, ngenxa yezizathu zokuphepha - ukuze kuthiwe ngokugenca okungemthetho nomhlaseli athole database, akakwazanga ukusebenzisa imininingwane futhi athole amaphasiwedi.
Kodwa-ke, kaningi, angakwenza lokhu:
- Ukubala i-hash, ama-algorithms athile asetshenziswa, ingxenye enkulu - eyaziwayo futhi ejwayelekile (okungukuthi, wonke umuntu angayisebenzisa).
- Njengoba sin yolwazi ngezigidi zamaphasiwedi (ukusuka endaweni enamaphutha amakhulu), umhlaseli uyakwazi ukufinyelela ekuxhamazeni ngala mapasiwedi abalwe kusetshenziswa wonke ama-algorithms akhona.
- Ngokuqhathanisa imininingwane kusuka kudathabheyidi ephumayo ne-password hashes kusuka kunolwazi lwakho siqu, unganquma ukuthi isetshenziswa yiphi i-algorithm futhi uthole amaphasiwedi wangempela wokunye okufakiwe database ngokuqhathanisa okulula (kuko konke okungahlukile). Futhi amathuluzi we-brute Force azokusiza ekutholeni amanye ama-password ahlukile, kepha amafushane.
Njengoba ubona, izitatimende zokukhangisa zezinsizakalo ezahlukahlukene ezingawagcini amaphasiwedi wakho kuwebhusayithi yazo azivikeli kakhulu ekuvuthweni kwazo.
Spyware (SpyWare)
I-SpyWare noma i-spyware - uluhlu olubanzi lwe-software enobungozi efaka ikhompyutha yakho ngqo (futhi imisebenzi ye-spyware ingafakwa kwisoftware ethile edingekayo) futhi iqoqe imininingwane mayelana nomsebenzisi.
Phakathi kokunye, izinhlobo ezithile zeSpyWare, ngokwesibonelo, ama-keylogger (izinhlelo ezilandelela izinkinobho ozicindezela) noma abahlaziyi bezimoto abasesithekile, zingasetshenziswa (futhi zisetshenziswe) ukuthola amaphasiwedi womsebenzisi.
Izingqinamba Zobunjiniyela Kwezenhlalo Nezindaba Zokubuyiselwa Kwephasiwedi
Njengoba i-Wikipedia isitshela, ubunjiniyela bezenhlalo buyindlela yokuthola ulwazi olususelwa ezimfanelweni zengqondo yomuntu (lokhu kufaka phakathi imininingwane ebucayi eshiwo ngenhla). Kwi-Intanethi ungathola izibonelo eziningi zokusetshenziswa kobunjiniyela bezenhlalo (ngincoma ukusesha nokufunda - lokhu kuyathakazelisa), ezinye zazo ezigqamile ngokuqina kwazo. Ngokwejwayelekile, le ndlela ihlangana neqiniso lokuthi cishe noma yiluphi ulwazi oludingekayo ukufinyelela imininingwane eyimfihlo lungatholwa kusetshenziswa ubuthakathaka bomuntu.
Futhi ngizonikeza kuphela elula futhi hhayi ikakhulukazi nenhle yasendlini ehlobene namaphasiwedi. Njengoba wazi, kumasayithi amaningi, ukuthola kabusha iphasiwedi yakho, kwanele ukufaka impendulo yombuzo wokuphepha: ufunda siphi isikole, igama lentombi kamama, igama lesidlaliso sasekhaya ... Noma ngabe ungakaluthumeli lolu lwazi kusizinda somphakathi ezinkundleni zokuxhumana, kunzima ngabe usebenzisa amanethiwekhi afanayo wokuxhumana nabantu, ukujwayelana nawe, noma ukuhlangana ngokukhethekile, uluthole lolo lwazi?
Ungathola kanjani ukuthi iphasiwedi yakho idunwe
Ekugcineni kwendatshana, kunezinsizakalo ezimbalwa ezikwazisa uma iphasiwedi yakho idliwe ngokubheka ikheli lakho le-imeyili noma igama lomsebenzisi eline-database yamaphasiwedi efinyelelwe ngabaduni. (Kuyangimangaza kancane ukuthi phakathi kwabo kunamaphesenti amaningi wemininingwane evela ezinsizakalweni zolimi lwaseRussia).
- //haveibeenpwned.com/
- //breachalarm.com/
- //pwnedlist.com/query
Uthole i-akhawunti yakho ohlwini lwabaduni abaziwayo? Kunengqondo ukushintsha iphasiwedi, kepha ngemininingwane eminingi ngezindlela eziphephile maqondana namaphasiwedi we-akhawunti engizokubhala ezinsukwini ezizayo.
