Users re-use passwords for multiple services. |
Watumiaji hutumia tena nywila kwa huduma nyingi. |
If an attacker gains access to one server and can gain a list of passwords, he may be able to use this password to attack other services. |
Ikiwa mshambulizi anapata upatikanaji wa seva moja na anaweza kupata orodha ya nywila, anaweza kutumia nywila hii kushambulia huduma zingine. |
Therefore, only password hashes may be stored. |
Kwa hiyo, hashes tu ya nywila inaweza kuhifadhiwa. |
Secure hashing algorithms are easy to use in most languages and ensure the original password cannot be easily recovered and that wrong passwords are not falsely accepted. |
Algorithms salama ya hashing ni rahisi kutumia katika lugha nyingi na kuhakikisha password ya awali haiwezi kupona kwa urahisi na kwamba nywila mbaya si uongo kukubalika. |
Adding salts to the password hashes prevents the use of rainbow tables and significantly slows down brute-force attempts. |
Kuongeza chumvi kwenye hashes password kuzuia matumizi ya meza za upinde wa mvua na kwa kiasi kikubwa kupunguza kasi ya majaribio ya nguvu ya kikatili. |
Strengthening slows both off-line brute-force attacks against stolen hashes and on-line brute-force in case the rate limiting fails. |
Kuimarisha polepole mashambulizi yote ya nguvu ya nje ya mstari dhidi ya hashes kuibiwa na nguvu ya kikatili ya mstari ikiwa kiwango cha kupunguza kinashindwa. |
However, it increases CPU load on the server and would open a vector for DDoS attacks if not prevented with login attempt limiting. |
Walakini, inaongeza mzigo wa CPU kwenye seva na itafungua vekta kwa mashambulizi ya DDoS ikiwa haitazuiliwa na kikomo cha jaribio la kuingia |
A good strengthening can slow down off-line brute-force attacks down by a factor of 10000 or more. |
Uimarishaji mzuri unaweza kupunguza kasi ya mashambulizi ya nguvu ya brute-chini na sababu ya 10000 au zaidi. |
Limiting login attempts is necessary to prevent on-line brute-force attacks and DoS via the CPU usage of the password strengthening procedure. |
Kupunguza majaribio ya kuingia ni muhimu kuzuia mashambulizi ya nguvu ya brute-nguvu na DoS kupitia matumizi ya CPU ya utaratibu wa kuimarisha nenosiri. |
Without a limit, an attacker can try a very large number of passwords directly against the server. |
Bila kikomo, mshambulizi anaweza kujaribu idadi kubwa sana ya nywila moja kwa moja dhidi ya seva. |
Assuming 100 attempts per second, which is reasonable for a normal web server, no significant strengthening and an attacker working with multiple threads, this would result in 259,200,000 passwords tried in a single month! |
Kwa kudhani majaribio ya 100 kwa sekunde, ambayo ni busara kwa seva ya kawaida ya wavuti, hakuna kuimarisha kubwa na mshambulizi anayefanya kazi na nyuso nyingi, hii itasababisha nywila 259,200,000 zilizojaribu katika mwezi mmoja! |
Not enforcing any password policies will lead to too many users choosing “123456”, “qwerty” or “password” as their password, opening the system up for attack. |
Kutokutimiza sera zozote za nywila kutasababisha watumiaji wengi sana kuchagua "123456", "qwerty" au "password" kama nywila yao, kufungua mfumo juu kwa mashambulizi. |
Enforcing too strict password policies will force users to save passwords or write them down, generally annoy them and foster re-using the same password for all services. |
Kutekeleza sera kali sana za nywila kutalazimisha watumiaji kuokoa nywila au kuziandika, kwa ujumla kuwakasa na kukuza tena kutumia nywila sawa kwa huduma zote. |
Furthermore, users using secure passwords not matching the policies may be forced to use passwords which are harder to remember, but not necessarily secure. |
Zaidi ya hayo, watumiaji wanaotumia nywila salama kutooana na sera zinaweza kulazimishwa kutumia nywila ambazo ni ngumu kukumbuka, lakini sio salama. |
A password consisting of 5 concatenated, randomly (!) chosen lowercase dictionary words is significantly more secure than an eight-character password consisting of mixed case letters, numbers and punctuation. |
Nywila inayojumuisha 5 concatenated, nasibu (!) kuchaguliwa chini kamusi maneno ni salama zaidi kuliko nywila ya tabia nane yenye herufi mchanganyiko wa kesi, namba na uakifishi. |
Take this into account if you do not get a password policy to implement, but have to design your own. |
Zingatia hili ikiwa hupati sera ya nywila ya kutekeleza, lakini lazima usanifu mwenyewe. |