What will happen to authentication and passwords? Translation of the Javelin report "State of Strong Authentication", with comments


Spoiler from the report's title: "The use of strong authentication is growing because of new threats and regulatory requirements."
The research firm Javelin Strategy & Research has published the report "The State of Strong Authentication 2019" (the original in PDF form can be downloaded here). The report covers: what share of American and European companies use passwords (and why fewer of them do so now); why two-factor authentication based on cryptographic tokens is growing so fast; and why one-time codes delivered over SMS are not secure.

Anyone interested in the present, past and future of authentication in enterprise and consumer applications is welcome.

From the translator

Unfortunately, the language the report is written in is "dry" and formal. And the fivefold use of the word "authentication" in a single short sentence is not the clumsy hands (or brain) of the translator, but the authors' own choice. Faced with two options when translating, giving readers a text close to the original or a more readable one, I sometimes chose the first and sometimes the second. But be patient, dear readers: the content of the report is worth it.

Some unimportant and superfluous parts of the text have been cut, otherwise most readers would not get through the whole thing. Those who want to read the report "uncut" can do so in the original language by following the link.

Unfortunately, the authors are not always careful with terminology. One-time passwords (One Time Password, OTP) are sometimes called "passwords" and sometimes "codes". It is even worse with authentication methods. It is not always easy for an untrained reader to guess that "authentication using cryptographic keys" and "strong authentication" are the same thing. I have tried to unify the terms as far as possible, and the report itself contains a section describing them.

Nevertheless, the report is highly recommended reading, because it contains unique research results and correct conclusions.

All numbers and facts are given without the slightest change, and if you disagree with them, argue not with the translator but with the report's authors. My own comments (set in italics in the original) are value judgements, and I would be happy to argue about any of them (as well as about the quality of the translation).

Abstract

Today, digital channels for communicating with customers matter more to business than ever. And within a company, communication between employees is more digitally oriented than ever before. How secure these interactions are depends on the chosen method of user authentication. Attackers exploit weak authentication to hijack user accounts on a massive scale. In response, regulators are tightening standards to force businesses to better protect user accounts and data.

Authentication-related threats are not limited to consumer applications; attackers can also gain access to applications running inside the enterprise. This lets them impersonate corporate users. Attackers who get in through access points with weak authentication can steal data and carry out other fraud. Fortunately, there are countermeasures. Strong authentication significantly reduces the risk of attack, both in consumer applications and in enterprise business systems.

The study examines: how enterprises use authentication to protect end-user applications and business systems; the factors they weigh when choosing an authentication solution; the role strong authentication plays in their organizations; and the benefits these organizations receive.

Summary

Key findings

Since 2017, the use of strong authentication has grown sharply. With the increasing number of vulnerabilities affecting traditional authentication solutions, organizations are reinforcing their authentication capabilities with strong authentication. The number of organizations using cryptographic multi-factor authentication (MFA) has tripled since 2017 for consumer applications and has grown by almost 50% for enterprise applications. The fastest growth is seen in mobile authentication, driven by the growing availability of biometric authentication.

Here we see an illustration of the proverb "until the thunder strikes, the peasant does not cross himself." When experts warned about the insecurity of passwords, nobody was in a hurry to implement two-factor authentication. As soon as hackers started stealing passwords, people started implementing two-factor authentication.

True, private individuals are adopting 2FA much more actively. First, it is easier for them to calm their fears by relying on the biometric authentication built into smartphones, which is in fact very unreliable. Organizations have to spend money on buying tokens and do the (actually very simple) work of deploying them. And second, only the lazy have not written about the password leaks from services such as Facebook and Dropbox, but under no circumstances will the CIOs of these organizations share stories about how passwords were stolen (and what happened next) in their own organizations.

Those who do not use strong authentication underestimate the risk to their business and their customers. Some organizations that currently do not use strong authentication tend to see login and password as one of the most effective and easiest-to-use ways of authenticating users. Others do not see the value of the digital assets they hold. Yet it is worth remembering that cybercriminals are interested in any consumer and business information. Two-thirds of companies that use only passwords to authenticate their employees do so because they believe passwords are good enough for the type of information they protect.

Passwords, however, are on their way to the grave. Reliance on passwords fell sharply over the past year for both consumer and enterprise applications (from 44% to 31% and from 56% to 47%, respectively) as organizations increased their use of traditional MFA and of strong authentication.
But if we look at the picture as a whole, vulnerable authentication methods still prevail. For user authentication, about a quarter of organizations use SMS OTP (one-time passwords) together with security questions. As a result, additional security measures have to be deployed to protect against the vulnerability, which increases costs. Far more secure authentication methods, such as hardware cryptographic keys, are used much more rarely, in roughly 5% of organizations.

The evolving regulatory environment promises to accelerate the adoption of strong authentication for consumer applications. With the introduction of PSD2, as well as new data protection rules in the EU and in several US states such as California, companies are feeling the heat. Almost 70% of companies agree that they face strong regulatory pressure to provide strong authentication to their customers. More than half of enterprises believe that within a few years their authentication methods will no longer be sufficient to meet regulatory standards.

The difference between the approaches of Russian and American-European legislators to protecting the personal data of users of programs and services is clearly visible. The Russians say: dear service owners, do what you want and how you want, but if your admin leaks the database, we will punish you. Abroad they say: you must implement a set of measures that will not allow the database to be leaked. That is why requirements for strict two-factor authentication are being introduced there.
True, it is not at all certain that our legislative machine will not one day come to its senses and take Western experience into account. Then it will turn out that everyone needs to implement 2FA that complies with Russian cryptographic standards, and urgently.

Implementing a strong authentication strategy lets companies shift their focus from meeting regulatory requirements to meeting customer needs. For organizations that still use simple passwords or codes delivered over SMS, the most important factor when choosing an authentication method will be compliance with regulatory requirements. But companies that already use strong authentication can concentrate on choosing authentication methods that increase customer loyalty.

When choosing an authentication method for use inside the enterprise, regulatory requirements are no longer a significant factor. Here ease of integration (32%) and cost (26%) matter much more.

In the age of phishing, attackers can use corporate e-mail for fraud to gain access to data and accounts (with the access rights that go with them), and even to persuade employees to transfer money to the attacker's account. Corporate e-mail and portal accounts must therefore be particularly well protected.

Google has strengthened its security by implementing strong authentication. More than two years ago, Google published a report on its rollout of two-factor authentication based on cryptographic security keys using the FIDO U2F standard, with impressive results. According to the company, not a single successful phishing attack was carried out against its more than 85,000 employees.

Recommendations

Implement strong authentication for mobile and web applications. Multi-factor authentication based on cryptographic keys provides better protection against account takeover than traditional MFA methods. In addition, cryptographic keys are much more convenient, because there is no need to use and transmit additional secrets (passwords, one-time passwords or biometric data) from the user's device to the authentication server. Moreover, building on standardized authentication protocols makes it much easier to adopt new authentication methods as they become available, reducing deployment costs and protecting against increasingly sophisticated fraud schemes.

Prepare for the retirement of one-time passwords (OTP). The vulnerabilities inherent in OTPs are becoming more apparent as cybercriminals use social engineering, smartphone cloning and malware to compromise these authentication methods. If OTPs have an advantage in some cases, it is only in terms of availability to all users, not in terms of security.

It is impossible not to notice that receiving codes via SMS or push notification, as well as generating codes with an app on a smartphone, is precisely the use of the one-time passwords (OTP) we are being asked to prepare to retire. From a technical point of view the recommendation is entirely correct, because it is a rare fraudster who does not try to extract a one-time password from a gullible user. But I think the makers of such systems will cling to the dying technology to the last.

Use strong authentication as a marketing tool to increase customer trust. Strong authentication can do more than improve the actual security of your business. Telling customers that your business uses strong authentication can strengthen public perception of that business's security, an important factor when customer demand for strong authentication methods is significant.

Conduct a thorough inventory and criticality assessment of corporate data and protect it according to its importance. Even low-risk data such as customer contact information (no, really, the report says "low-risk"; it is very strange that they underrate the importance of this information) can be of considerable value to fraudsters and cause problems for the company.

Use strong authentication in the enterprise. A number of systems are especially attractive targets for criminals. These include internal and internet-connected systems such as accounting software or the corporate data warehouse. Strong authentication prevents attackers from gaining unauthorized access and also makes it possible to establish reliably which employee performed a malicious action.

What is strong authentication?

With strong authentication, several methods or factors are used to verify that the user is genuine:

  • Knowledge factor: a secret shared between the user and the party authenticating the user (for example, a password, answers to security questions, etc.)
  • Possession factor: a device that only the user has (for example, a mobile device, a cryptographic key, etc.)
  • Inherence factor: a physical (usually biometric) characteristic of the user (for example, fingerprints, iris pattern, voice, behaviour, etc.)

Having to compromise several factors raises the attacker's chance of failure, because bypassing or spoofing different factors requires different attack techniques, applied to each factor separately.

For example, with "password + smartphone" 2FA, an attacker can authenticate by spying out the user's password and making an exact copy of the smartphone's software. That is considerably harder than simply stealing a password.

But if a password and a cryptographic token are used for 2FA, the copying approach no longer works: the token cannot be duplicated. The fraudster would have to steal the token from the user without being noticed. If the user notices the loss in time and notifies the administrator, the token is blocked and the fraudster's efforts come to nothing. That is why the possession factor calls for specialized secure devices (tokens) rather than general-purpose devices (smartphones).

Using all three factors makes the authentication method rather expensive to deploy and rather inconvenient to use. In practice, therefore, two of the three factors are used.

The principles of two-factor authentication are described in more detail here, in the section "How two-factor authentication works".

It is important to note that at least one of the factors used in strong authentication must be based on public key cryptography.

Strong authentication provides much stronger protection than single-factor authentication with classic passwords and than traditional MFA. Passwords can be spied out or intercepted with keyloggers, phishing sites or social engineering (where the victim is tricked into revealing the password). Moreover, the password's owner will know nothing about the theft. Traditional MFA (OTP codes, binding to a smartphone or SIM card) can also be defeated fairly easily, since it is not based on public key cryptography. (By the way, there are plenty of cases where fraudsters, using the same social engineering techniques, talked users into handing over a one-time password.)
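What the public key requirement buys is shown below in an added example (not code from the report or from the translator): a challenge-response login with an Ed25519 key that never leaves the authenticator, with the signature bound to the origin the browser reports, modelled on the FIDO U2F scheme mentioned earlier. Real U2F and WebAuthn sign a hash of client data that carries the origin and challenge; the plain concatenation here is a simplification of that. The origins are constructed for the example. A one-time password phished through a look-alike site can be relayed to the real site inside its validity window; an assertion the token produced for the look-alike origin is rejected by the real server, and a captured assertion cannot be replayed because each challenge is consumed once.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// Authenticator stands in for a hardware token: the private key is generated
// inside it and never leaves; the only operation it offers is signing.
type Authenticator struct {
	priv ed25519.PrivateKey
}

// NewAuthenticator enrols a token and hands the server the public key only.
func NewAuthenticator() (*Authenticator, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Authenticator{priv: priv}, pub
}

// signedData binds the challenge to the origin the browser reports
// (simplified stand-in for U2F/WebAuthn client data).
func signedData(challenge []byte, origin string) []byte {
	return append(append([]byte(nil), challenge...), []byte(origin)...)
}

// Sign produces the assertion. The token cannot tell a genuine origin from a
// look-alike; it signs what it is given, origin included.
func (a *Authenticator) Sign(challenge []byte, origin string) []byte {
	return ed25519.Sign(a.priv, signedData(challenge, origin))
}

// Server keeps the registered public key and the set of unused challenges.
type Server struct {
	origin string
	pub    ed25519.PublicKey
	issued map[string]bool
}

func NewServer(origin string, pub ed25519.PublicKey) *Server {
	return &Server{origin: origin, pub: pub, issued: map[string]bool{}}
}

// Challenge issues a fresh random nonce; each one is accepted at most once.
func (s *Server) Challenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	s.issued[hex.EncodeToString(c)] = true
	return c
}

// Verify consumes the challenge (so a captured assertion cannot be replayed)
// and checks the signature against the server's own origin, so an assertion
// the victim's token produced for a phishing origin is rejected.
func (s *Server) Verify(challenge, sig []byte) bool {
	key := hex.EncodeToString(challenge)
	if !s.issued[key] {
		return false
	}
	delete(s.issued, key)
	return ed25519.Verify(s.pub, signedData(challenge, s.origin), sig)
}

func main() {
	token, pub := NewAuthenticator()
	bank := NewServer("https://bank.example", pub) // constructed origin

	// Genuine login, then a replay of the same assertion.
	c := bank.Challenge()
	sig := token.Sign(c, "https://bank.example")
	fmt.Println("genuine login accepted:", bank.Verify(c, sig))
	fmt.Println("replayed assertion accepted:", bank.Verify(c, sig))

	// Phishing proxy: it fetches a real challenge, the victim's browser reports
	// the proxy's origin to the token, and the proxy relays the result.
	c2 := bank.Challenge()
	relayed := token.Sign(c2, "https://bank-example.com")
	fmt.Println("relayed phishing assertion accepted:", bank.Verify(c2, relayed))
}
```

Contrast this with the OTP case: the user types the same six digits into the genuine site or the look-alike, so the server has nothing to check the origin against. Here the origin is inside the signed bytes, and the server substitutes its own origin when verifying, so the proxy's relay fails without any vigilance on the user's part.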

Fortunately, the use of strong authentication and of traditional MFA has been gaining momentum in both consumer and enterprise applications since last year. The use of strong authentication in consumer applications has grown especially fast. If in 2017 only 5% of companies used it, in 2018 it was already three times as many, 16%. This can be explained by the growing availability of tokens supporting public key cryptography (PKC) algorithms. In addition, increased pressure from European regulators following the adoption of new data protection rules such as PSD2 and GDPR has had a strong effect even outside Europe (including in Russia).

Figure 1. Adoption of authentication methods in consumer and enterprise applications, 2017 versus 2018 (chart from the report; the image is not reproduced in this text)

Let's look at these numbers more closely. As we can see, the share of private individuals using multi-factor authentication grew by an impressive 11% over the year. And this clearly happened at the expense of password lovers, since the shares of those who believe in the security of push notifications, SMS and biometrics did not change.

But with two-factor authentication for corporate use, things are not so good. First, according to the report, only 5% of employees were moved from password authentication to tokens. And second, the number of those using alternative MFA options in the corporate environment grew by 4%.

I'll try to play the analyst and give my own interpretation. At the centre of the private user's digital world is the smartphone. So it is not surprising that the majority use the capabilities the device gives them: biometric authentication, SMS and push notifications, and one-time passwords generated by applications on the smartphone itself. People usually do not think about security and reliability when using the tools they are used to.

That is why the share of users of primitive "traditional" authentication factors has stayed the same. But those who have been using passwords until now understand how much they are risking, and when choosing a new authentication factor they pick the newest and most secure option, a cryptographic token.

As for the corporate market, it is important to understand which system the authentication is performed in. If logon to a Windows domain is involved, cryptographic tokens are used. The ability to use them for 2FA is already built into both Windows and Linux, whereas alternative options are long and hard to implement. So much for the 5% migration from passwords to tokens.

And the implementation of 2FA in a corporate information system depends heavily on the developers' qualifications. It is much easier for developers to take ready-made modules for generating one-time passwords than to understand how cryptographic algorithms work. As a result, even security-critical applications such as Single Sign-On or Privileged Access Management systems use OTP as the second factor.

Many vulnerabilities in traditional authentication methods

While many organizations continue to rely on legacy single-factor systems, the vulnerabilities of traditional multi-factor authentication are becoming more apparent. One-time passwords, typically six to eight characters long and delivered over SMS, remain the most common form of authentication (apart from the password factor, of course). And when the words "two-factor authentication" or "two-step verification" appear in the popular press, they almost always mean SMS one-time password authentication.

Here the author is slightly mistaken. Delivering one-time passwords over SMS has never been two-factor authentication. It is, in its purest form, the second stage of two-step authentication, where the first stage is entering your login and password.

In 2016, the National Institute of Standards and Technology (NIST) updated its authentication guidelines to phase out one-time passwords sent over SMS. However, those rules were considerably relaxed after protests from the industry.

So, let's follow the plot. The American regulator rightly recognizes that outdated technology cannot ensure user security and introduces new standards, standards designed to protect users of online and mobile applications (including banking ones). The industry calculates how much it will have to spend on buying truly reliable cryptographic tokens, reworking applications and deploying a public key infrastructure, and "rears up on its hind legs". On one side, users were convinced of the reliability of one-time passwords; on the other, there were attacks on NIST. As a result, the standard was softened, and the number of hacks and thefts of passwords (and of money from banks) rose sharply. But the industry did not have to fork out.

Since then, the inherent weaknesses of SMS OTP have become more apparent. Fraudsters use various methods to compromise SMS messages:

  • SIM card duplication. Attackers make a copy of the SIM (with the help of mobile operator employees, or on their own, using special software and hardware). As a result, the attacker receives the SMS with the one-time password. In one particularly high-profile case, hackers compromised the AT&T account of cryptocurrency investor Michael Terpin and stole almost $24 million in cryptocurrency. Terpin then claimed that AT&T was at fault because of the weak verification measures that made the SIM duplication possible.

    Amazing logic. So it is only AT&T's fault? No doubt it is the mobile operator's fault that the salespeople in the phone shop issued a duplicate SIM card. But what about the cryptocurrency exchange's authentication system? Why didn't they use strong cryptographic tokens? Was it a pity to spend money on deployment? Isn't Michael himself to blame? Why didn't he insist on changing the authentication mechanism, or use only exchanges that implement two-factor authentication based on cryptographic tokens?

    The adoption of truly reliable authentication methods is delayed precisely because users show astonishing carelessness before they are robbed, and afterwards blame their troubles on anyone and anything except outdated and "leaky" authentication technologies.

  • Malware. One of the earliest functions of mobile malware was intercepting and forwarding text messages to attackers. Man-in-the-browser and man-in-the-middle attacks can also intercept one-time passwords when they are entered on infected laptops or desktops.

    When the Sberbank application on your smartphone flashes a green icon in the status bar, it is also looking for "malware" on your phone. The aim of this exercise is to turn the untrusted execution environment of a typical smartphone into, in some sense, a trusted one.
    By the way, a smartphone, as a completely untrusted device on which anything at all can happen, is one more reason to use only hardware tokens for authentication, which are protected and free of viruses and Trojans.

  • Social engineering. When fraudsters know that the victim has OTP over SMS enabled, they can contact the victim directly, posing as a trusted organization such as their bank or credit union, and talk the victim into reading out the code they have just received.

    I have run into this kind of fraud many times, for example when trying to sell something on a popular online marketplace. I myself mocked the scammer who tried to fool me to my heart's content. But, unfortunately, I regularly read in the news how yet another victim "didn't think", handed over the confirmation code and lost a large sum. And all because the bank simply does not want to bother implementing cryptographic tokens in its applications. After all, if something happens, the customers "have only themselves to blame".

While alternative OTP delivery methods can mitigate some of the vulnerabilities of this authentication method, others remain. Standalone code-generating applications are the best protection against eavesdropping, since even malware cannot interact directly with the code generator (seriously? did the report's author forget about remote control?), but OTPs can still be intercepted when they are entered in the browser (for example with a keylogger) or through a compromised mobile application, and they can be obtained directly from the user by social engineering.
Using several risk assessment tools, such as device recognition (detecting attempts to perform transactions from devices that do not belong to the legitimate user), geolocation (a user who was in Moscow a moment ago trying to perform an operation from Novosibirsk) and behavioural analysis, is important for closing these gaps, but none of them is a panacea. For each situation and type of data, the risks must be carefully assessed and the appropriate authentication technology chosen.
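The two risk signals named above, device recognition and geolocation, are easy to express as detection logic over login records. The following is an added example (not code from the report or from the translator) that runs both checks over constructed login events, including the Moscow-then-Novosibirsk case from the text. The speed and distance thresholds and the coordinates are assumptions made for the example; a real deployment would tune them and feed the result into a step-up decision rather than a plain flag.

```go
package main

import (
	"fmt"
	"math"
	"time"
)

// LoginEvent is one successful authentication as a risk engine would record it.
type LoginEvent struct {
	User     string
	Time     time.Time
	DeviceID string
	Lat, Lon float64
}

// Thresholds are assumptions for the example, not values from the report.
const (
	maxPlausibleKmh = 900.0 // about the speed of a commercial flight
	geoNoiseKm      = 50.0  // ignore IP-geolocation jitter below this distance
)

// haversineKm is the great-circle distance between two points, in kilometres.
func haversineKm(lat1, lon1, lat2, lon2 float64) float64 {
	const r = 6371.0
	toRad := func(d float64) float64 { return d * math.Pi / 180 }
	dLat := toRad(lat2 - lat1)
	dLon := toRad(lon2 - lon1)
	a := math.Sin(dLat/2)*math.Sin(dLat/2) +
		math.Cos(toRad(lat1))*math.Cos(toRad(lat2))*math.Sin(dLon/2)*math.Sin(dLon/2)
	return 2 * r * math.Atan2(math.Sqrt(a), math.Sqrt(1-a))
}

// assessRisk compares a new login with the user's previous one and returns the
// signals that fired (none means nothing looked wrong): an unknown device, and
// "impossible travel" when the implied speed between the two logins exceeds
// what any flight could manage.
func assessRisk(prev, cur LoginEvent, knownDevices map[string]bool) []string {
	var reasons []string
	if !knownDevices[cur.DeviceID] {
		reasons = append(reasons, "login from a device not seen for this user before")
	}
	dist := haversineKm(prev.Lat, prev.Lon, cur.Lat, cur.Lon)
	hours := cur.Time.Sub(prev.Time).Hours()
	if dist > geoNoiseKm && (hours <= 0 || dist/hours > maxPlausibleKmh) {
		reasons = append(reasons,
			fmt.Sprintf("impossible travel: %.0f km in %.1f h since previous login", dist, hours))
	}
	return reasons
}

func main() {
	// Constructed events: the Moscow-then-Novosibirsk case from the text.
	base := time.Date(2019, 3, 1, 9, 0, 0, 0, time.UTC)
	moscow := LoginEvent{"alice", base, "laptop-1", 55.7558, 37.6173}
	novosibirsk := LoginEvent{"alice", base.Add(time.Hour), "laptop-1", 55.0084, 82.9357}
	known := map[string]bool{"laptop-1": true}

	for _, r := range assessRisk(moscow, novosibirsk, known) {
		fmt.Println("flag:", r)
	}
	// The same trip spread over a day is a plausible flight and raises nothing.
	novosibirsk.Time = base.Add(24 * time.Hour)
	fmt.Println("after 24 h:", assessRisk(moscow, novosibirsk, known))
}
```

Note what this does and does not do: a fraudster who has phished the OTP and logs in from the victim's own city on a freshly registered device trips only the device check, and one who also spoofs the device fingerprint trips nothing. That is the report's point that these signals narrow the window but do not replace a phishing-resistant factor.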

No authentication solution is a panacea

Figure 2. Table of authentication options

Authentication method (factor): description. Main vulnerabilities.

  • Password or PIN (knowledge): a fixed value that may include letters, digits and a number of other characters. Can be intercepted, spied out, guessed, cracked or stolen.
  • Knowledge-based authentication (knowledge): requires answers that only the legitimate user should know. Can be intercepted, guessed, or obtained by social engineering.
  • OTP hardware devices (possession): a dedicated device that generates one-time passwords. The code can be intercepted and replayed, or the device stolen.
  • Software OTPs (possession): an application (mobile, browser-based, or one that sends codes by e-mail) that generates one-time passwords. The code can be intercepted and replayed, or the device stolen.
  • SMS OTP (possession): a one-time password delivered in an SMS message. The code can be intercepted and replayed, the smartphone or SIM card can be stolen, or the SIM card can be duplicated.
  • Smart cards (possession): a card containing a cryptographic chip and protected key storage, authenticating with public key cryptography. Can be physically stolen (but the attacker cannot use the device without knowing the PIN, and after several wrong attempts the device locks).
  • Security keys, tokens (possession): a USB device containing a cryptographic chip and protected key storage, authenticating with public key cryptography. Can be physically stolen (but the attacker cannot use the device without knowing the PIN, and after several wrong attempts the device locks).
  • Device binding (possession): a process that builds a profile, often with JavaScript, or uses markers such as cookies and Flash Shared Objects to confirm that a particular device is being used. The markers can be stolen (copied), and the characteristics of a legitimate device can be imitated by the attacker on their own device.
  • Behaviour (inherence): analyses how the user interacts with a device or application. Behaviour can be imitated.
  • Fingerprints (inherence): stored fingerprints are compared with those captured optically or electronically. The image can be stolen and used for authentication.
  • Eye scanning (inherence): compares eye characteristics, such as the iris pattern, with new optical scans. The image can be stolen and used for authentication.
  • Face recognition (inherence): facial characteristics are compared with new optical scans. The image can be stolen and used for authentication.
  • Voice recognition (inherence): characteristics of a recorded voice sample are compared with new samples. The recording can be stolen and used for authentication, or the voice imitated.

In the second part of the publication the tastiest bits await us: the numbers and facts on which the conclusions and recommendations in the first part are based. Authentication in user applications and in corporate systems will be discussed separately.

See you soon!

Source: www.habr.com
