【吉祥博【官网】 manaura.com】探秘天下未解之谜 分享全球奇闻趣事

手机版 - 繁体中文 - 今天是

大脑记不住纷乱密码 看管理密码的最佳利器|吉祥博

发布时间:2020-09-17 11:37:02来源:吉祥博【官网】编辑:吉祥博【官网】阅读: 当前位置:首页 > 猎奇怪事 > 手机阅读

吉祥博-Theres a war raging between hackers and companies, and youre caught in the crossfire. Every time a company gets hacked, you have to change your password. And dont you dare reuse it somewhere else.黑客和企业之间在再次发生战争,而你也身陷其中。每次企业受到黑客攻击,你都被迫改动自己的密码,还不肯在其它地方新的用于这个密码。


Dreaming up a different password for every site and service is the only way to keep your stuff safe online, but its also a gigantic nuisance. Theres one thing you can -- and should -- do to help: Get a password manager program.为每一个网站和每一项服务想要一个有所不同的密码是让你的东西在网上取得安全性确保的唯一办法,但这也是一件大麻烦事。回应,你需要、也应当做到的一件事是:用于密码管理程序。

I have more than 150 different logins and counting. Id have to be Rain Man to memorize that many passwords. So I went on a hunt for the best services for storing all my passwords, and whittled down the list to four that get the job done and offer enough security for most of us: 1Password, Dashlane, LastPass and PasswordBox.我有150多个有所不同的登录名,这个数字还在减少。我必需沦为雨人(Rain Man)才能忘记那么多的密码。

因此我开始找寻可以储存我所有密码的最差工具,最后将最合适名单增加到四个:1Password、Dashlane、LastPass和PasswordBox。它们可以不辱使命并为我们大多数人获取充足的安全性确保。LastPass is a good choice for people who use newer technology like fingerprint scanners. For the really paranoid, 1Password offers the most control over where your encrypted vault of passwords gets stored.LastPass对于用于指纹扫描仪等新技术的人来说是一个很好的自由选择,而对于确实的偏执狂来说,1Password可以对你的加密密码库的所在位置获取拟合的掌控服务。

For most people, I recommend Dashlane. Its simple, so youll actually use it. It may even save you clicks.对于大多数人,我引荐用于Dashlane。它很非常简单,所以你知道不会用它,它甚至可以让你增加你页面鼠标的次数。But, wait -- isnt storing all your passwords in one place a terrible idea? Its better than reusing easily remembered passwords everywhere. Password managers hide your information behind a master password that only you know.不过,等等――把你所有的密码存放在一个地方,这怎么会不是一个可怕的点子吗?这大比在所有地方重复使用轻而易举就记得住的密码要好。密码管理器不会把你的信息隐蔽在一个只有你才告诉的主密码后面。

Nothing is 100% guaranteed, but all four of these managers take the additional security step of never sending your master password over the Internet. Theyre like a safety deposit box that a professional keeps without knowing whats inside, or even holding a key to open it.没什么东西是有100%的确保的,但这四种密码管理器都采行了额外的安全措施,总有一天会在互联网上发送到你的主密码。它们就像一个保险箱一样,交给它的专业人士并不知道里面敲的是什么,甚至没关上它的钥匙。In an age where more of our personal information lives, password protected, up in the cloud, we need defenses beyond antivirus software. Using a password manager is the next step.在我们更加多的个人信息通过密码保护的方式存储到云端的年代,除了杀毒软件以外,我们还必须额外的防水。用于密码管理器就是下一步要采行的措施。

Dashlane is like the memory you wish you had. It keeps track of not only passwords, but also credit card numbers and user IDs, filling them in when you need them across many different devices. It also keeps a helpful scorecard on the quality of your existing passwords, and nudges you to improve them.Dashlane恰如你期望享有的那种记忆力,它记录的不光是密码,还有信用卡卡号及用户名,当你在诸多有所不同设备上必须这些信息的时候就可以把它们堆进来。Dashlane还有一个用处相当大的记分卡,可以评估你现有密码的可靠性并呼吁你加以改进。Dashlane is free to use on any single device; a $30 annual subscription lets the Dashlane apps automatically sync your data across devices. You can try this premium service free for 30 days.Dashlane在任何一台单一设备上都可以免费用于;交纳30美元(约合人民币187元)的年费就可以让Dashlane应用软件自动实时你在各个设备上的数据,你可以免费试用这项高级服务30天。Setting up Dashlane is a pleasure. Its app slurps up the passwords that been saved unencrypted in your Web browser, and learns new ones as you type them. All of this gets protected by the master password, encrypted in a database on your computer or mobile device. Every time you start your computer or open the Dashlane app, you must log into the app with that master password. (You can make it ask for your password more often, like whenever your device is idle for too long.)加装Dashlane是一种体验。


每次你启动电脑或关上Dashlane应用于的时候,你必需用那个主密码指定转入该应用于。(你可以让它更加频密地告知你的密码,比如当你的设备过于长时间没操作者的时候。)Dashlane uses an add-on to Web browsers, including Chrome, Firefox, Internet Explorer and Safari. When youre logging into a site Dashlane knows, it puts a small icon (a dashing impala) in the login box to let you know it can enter your username and password -- even your credit card number. If you tell it to, Dashlane will even press the login button automatically. It doesnt work on every site, but does a better job than most.Dashlane在网页浏览器上用于的是一个插件,限于的浏览器还包括Chrome、火狐(Firefox)、IE(Internet Explorer)和苹果Safari。


Along the way, Dashlane also tries to improve your security. When youre changing a password or starting a new account, it suggests a strong one that would confound even a supercomputer. And its colorful security scorecard cheerfully humiliates you into replacing weak or repeated passwords.在这一过程中,Dashlane还不会竭力提升你的安全性确保。当你在改动密码或打开一个新的账户时,它不会建议设置一个甚至可以欺骗一台超级计算机的抗病毒密码。它那五彩缤纷的安全性记分卡不会得意洋洋地嘲笑你,让你替换不易被密码或反复的密码。Where password managers really become helpful is keeping your passwords up-to-date across all sorts of devices -- computers, phones and tablets. (I ruled out the password keepers built into Googles Chrome browser and Apples iCloud because neither works across all of my stuff.)密码管理器确实简单的地方是让你的密码可以在各种设备上――电脑、手机和平板电脑――获得改版。

(我回避了谷歌(Google) Chrome浏览器中内置的密码管理器和苹果(Apple)的iCloud,因为两者都无法改版我所有的设备上的密码。)Dashlane works largely the same way on Android phones and tablets, automatically entering your passwords in apps, though not yet on the default Chrome browser. (The company says it is working on that.)Dashlane在安卓系统(Android)的手机和平板上的工作方式大致相同,不会自动在应用软件中输出你的密码,不过在配置文件的Chrome浏览器上还无法运作。


(该公司说道它正在解决问题这个问题。)On iPhones and iPads, the Dashlane app allows you to copy and paste all of your logins and passwords into a browser, but cant fill them in for you because of Apples programming rules. (The same problem afflicts most password managers except for PasswordBox, which has figured out a way to auto-login on a handful of big sites on mobile Safari.)在iPhone和iPad上,Dashlane应用于容许你将所有的登录名和密码拷贝、粘贴到浏览器,但受制于苹果公司的编程规则,它无法替你填上这些信息。(某种程度的问题还后遗症着除PasswordBox以外的大多数密码管理器,PasswordBox早已寻找一个办法在移动Safari浏览器上自动指定一些大的网站。)If you share a computer with family members, Dashlane remembers multiple logins without asking you to set up profiles. And the company says it is close to launching a new families-and-teams version that will make it easier to sync passwords between people who share, say, an Amazon or Netflix account.如果你与家人共用一台电脑,Dashlane不必让你设置配置文件就可以忘记多个登录名。

该公司说道,它将要发售一款家庭-团队版本的新管理器,让那些共用亚马逊(Amazon)或网飞来(Netflix)等账户的人之间可以更容易地实时密码。Behind the scenes, Dashlane takes some important steps to secure your data. It never sends your master password over the Internet, and it protects your personal data using advanced encryption known as AES-256 before syncing it with your other devices via its servers. Neither Dashlane nor a hacker (or government agency) breaking into the companys systems could access your data without knowing your master password. This setup prevented Dashlane from even being vulnerable to the recent Heartbleed security catastrophe.在幕后,Dashlane采行了几项最重要措施确保你的数据安全。它总有一天会在互联网上发送到你的主密码,在通过其服务器将密码与你的其它设备实时之前,它用于一种取名为AES-256的高级加密技术来维护你的个人数据。Dashlane和入侵公司系统的黑客(或者政府机构)如果不告诉你的主密码,都无法提供你的数据。

这种设置甚至让Dashlane躲过了最近的Heartbleed安全漏洞一劫。But if you really want to keep your stuff off the Internet, Dashlane gives you that option, too, though youll need to sync passwords manually across devices. (The password manager that does the best offline syncing is 1Password.)但如果你觉得期望你的密码不经常出现在互联网上,Dashlane也不会给你那样的自由选择,不过你必须在设备之间手动实时密码。(离线实时做到得最差的密码管理器是1Password。)OK, what happens if somebody manages to get your master password? That could happen if someone installs a piece of keylogging malware on your computer -- and is a good reminder that you should run antivirus software to keep such attacks at bay.好了,要是有人设法提供了你的主密码怎么办呢?假如有人在你的电脑上加装了一款键盘记录恶意软件,这种事情很有可能再次发生――这对你也是一个很好的警告,你应当运营杀毒软件,将那样的反击拒之门外。

But even if that happened, theres an additional layer of security: Dashlane wont let someone unlock your passwords on a new device without first entering an ever-changing code it sends directly to your phone or email.不过,即便再次发生了那种事,另外还有一层安全性保护措施:如果不再行输出一个必要发送到你手机或电子邮件的随机验证码,Dashlane是会让人在一台新的设备上给密码关卡的。This important two-step authentication is only available from Dashlane and LastPass, though PasswordBox says it is working on it. A 1Password spokesman says this additional authentication isnt helpful with its design, where there is no central silo of your data. But I think it helps to know if someone is trying to get into your stuff.这种两步检验身份的最重要手段只有Dashlane和LastPass才获取,而PasswordBox说道它正在做到这项工作。1Password的一名发言人说道,这种可选的身份验证对于1Password的设计来说没多大用处,1Password里没你的中央数据库。但我指出假如有人企图转入你的地盘时,这种检验可以老大你理解状况。

Still, why should you trust Dashlane, a two-year-old startup with two million customers?那么,你为何应当信任Dashlane这家有两年历史、两百万客户的初创企业呢?Because selling security is the only way Dashlane makes money. And if you decide it is not worth $30 a year, Dashlane lets you export your password database in forms that can be read by you or another password manager.因为Dashlane赚的唯一途径是买安全性。如果你指出一年30美元的费用有所不值,Dashlane容许以你或别的密码管理器可以加载的方式输入你的密码数据库。You could even use the old-fashioned technique, and print out the database on paper. As crazy as that sounds, its still safer than using the same password over and over again.你甚至可以用老式的手段把数据库打印机在纸上。



标签:吉祥博 吉祥博官网