This is an article about choosing passwords, in case some people are not yet aware of how capable hackers are at brute forcing.
From what I have seen, brute forcing from Windows takes around 6 hours per password, but on a Linux server it takes only 4 hours. So it is better to set a password that is hard to brute force. Prevention is better than cure.
Tech Novice: What's a "Strong" Password?
You've heard your IT manager say it: "Why don't you use a strong password?" And maybe you're wondering how a password gets stronger? Gym workouts? Secret locker room deals with Barry Bonds? Here's the scoop:
The strength of a password is measured by its resistance to attack. The basic hacker attack against a password is termed "brute force". That refers to the hacker's computer(s) just trying a large variety of words and/or letter combinations until they happen to hit the right password.
If you stick with just letters, or worse just lower case letters, you're weakening yourself against this kind of brute force attack. Those passwords might be easier to remember (like for me, "oliver" might be easy), but now the brute force attack simply has to run through a list of semi-common names to guess my password. Even if I capitalize a few letters in the password ("OliVeR"), it still won't slow down a decent cracker.
So how do you put together a strong password that isn't impossible to remember? The password "2mn!$0Uir" may be pretty strong, but try remembering that unless you use it every day. Here are a few variations:
1. Start with a phrase that's important to you. As an example, try your Mom's address -- 1438 Atlantic Blvd., Blingblang OH 02887. One possible password here might be all the numbers and the first letters of each word combined with the two-letter abbreviation for the state: 1438ABBOH02887. That's a pretty strong password, but it could be stronger. Instead of capitalizing everything, let's cap only the state abbreviation. And instead of using all the numbers, let's just use the <shift> characters for the four numbers in the address. So you get !$#*abbOH02887. That's a strong password.
2. Link two things that only you would link. Try your two favorite books. For me, that might be Tolkien's Lord of the Rings and Hemingway's A Moveable Feast. For starters, pick a word from each title and combine them into a unique phrase: LordFeast. Still pretty easy to crack. So associate some numbers with each word. There were 3 books and 9 heroes in the fellowship and the last time I was in Paris (where A Moveable Feast takes place) was on the 14th of July--the French 4th of July. So now you might have 39LordFeast714. Better, but you could still take it a step further.
For example, just change all the vowels into numbers--I have a little code for that:
a = 4
e = 3
i = 1
o = 0
u = 7
Now you'd get 39L0rdF34st714. And if you decided to hit <shift> for all the numbers that used to be vowels, you'd get 39L)rdF#$st714. Damn hard to crack, yet pretty simple to remember if you just follow your own rules.
Yeah, strong passwords can be a pain. But when you're protecting things like your bank account or corporate resources that might get you fired (or worse) if they got stolen through your weak password, it's worth the effort. And besides, with a little imagination on the variations described above, you can pretty quickly come up with a strong password that's still easy to remember...for you.
Source: http://technologyfilter.spaces.live.com/Bl...#33;10243.entry
Or if anyone wants my translated version, that is fine too, but I should say up front that I am not a professional. If the translation is not good, please don't hold it against me. It is only meant as a rough guide.
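An added example, not part of the quoted article or the original post: it applies the article's vowel code and `<shift>` steps in Python and computes how many bits a blind exhaustive search would have to cover for each password the article mentions. The function names are hypothetical, and the US keyboard layout for the shifted digits is an assumption that matches the article's own results.

```python
import math
import string

# The article's vowel code, and the US-keyboard <shift> symbol for each digit
# (the US layout is an assumption; the article's examples are consistent with it).
VOWEL_CODE = {"a": "4", "e": "3", "i": "1", "o": "0", "u": "7"}
SHIFTED = dict(zip("1234567890", "!@#$%^&*()"))

def vowels_to_digits(word):
    """Replace each vowel with its digit from the article's code."""
    return "".join(VOWEL_CODE.get(c.lower(), c) for c in word)

def shift_former_vowels(original, coded):
    """Press <shift> only on digits that stand in for a vowel of the original."""
    return "".join(SHIFTED[c] if o.lower() in VOWEL_CODE else c
                   for o, c in zip(original, coded))

def shift_digits(text):
    """Press <shift> on every digit, as done for the street number 1438."""
    return "".join(SHIFTED.get(c, c) for c in text)

def alphabet_size(password):
    """Size of the smallest standard character pool that covers the password."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation)
    return sum(len(p) for p in pools if any(c in p for c in password))

def exhaustive_bits(password):
    """log2 of the candidates a blind exhaustive search over that pool must cover."""
    return len(password) * math.log2(alphabet_size(password))

def report(passwords):
    """(password, pool size, bits) for each password, for side-by-side comparison."""
    return [(p, alphabet_size(p), round(exhaustive_bits(p), 1)) for p in passwords]

if __name__ == "__main__":
    base = "39LordFeast714"
    coded = vowels_to_digits(base)
    final = shift_former_vowels(base, coded)
    address = shift_digits("1438") + "abbOH02887"
    for pw, size, bits in report(["oliver", "OliVeR", "LordFeast",
                                  base, coded, final, address]):
        print(f"{pw:16} pool={size:3} bits={bits}")
```

The bit counts are an upper bound that only holds against blind exhaustive search; as the article says of "oliver", a name or dictionary word falls to a word list long before the whole pool is tried.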