Let me hazard a wild guess: the system of passwords you use on the internet – for accessing online banking, email, shopping sites, Twitter and Facebook accounts – is a mess.
You know perfectly well what you ought to be doing: for each site you visit, you should be choosing a different, complex sequence of letters, numbers and symbols, and then memorising it. (That's rule number one of the conventional wisdom on passwords: never, ever write them down.) But you don't do this, because you weren't blessed with a brain that's capable of such feats.
So instead you use the same familiar words for every site – your dog's name, the name of your street – with occasional ingenious permutations, such as adding "123" at the end. Or maybe you do try to follow the rules, in which case you're probably constantly getting locked out of your bank account or trying to remember the answers to various absurd security questions. ("What was your favourite sport as a child?") And things are getting worse: these days, you find yourself forced to choose passwords with both upper- and lower-case letters, and what normal human being can remember multiple combinations of those? Not you, that's for sure.
One reason not to feel too guilty about your bad password behaviour is that it seems to be almost universal. Last month, an analysis of leaked pin numbers revealed that about one in 10 of us uses "1234"; a recent security breach at Yahoo showed that thousands of users' passwords were either "password", "welcome", "123456" or "ninja". People choose terrible passwords even when more is at stake than their savings.
Password hacking takes many different forms, but one crucial thing to understand is that it's often not a matter of devilish cunning but of bludgeoning with brute force.
This is where the length of your password makes an almost unbelievable difference. For a hacker with the computing power to make 1,000 guesses per second, a five-letter, purely random, all-lower-case password, such as "fpqzy", would take three and three-quarter hours to crack. Increase the number of letters to 20, though, and the cracking time increases, just a little bit: it's 6.5 thousand trillion centuries.
Then there's the question of predictability. Nobody thinks up passwords by combining truly random sequences of letters and numbers; instead they follow rules, like using real words and replacing the letter O with a zero, or using first names followed by a year. Hackers know this, so their software can incorporate these rules when generating guesses, vastly reducing the time it takes to hit on a correct one. If you think you've got a clever system for coming up with passwords, the chances are that hackers are already familiar with it.
The least hackable password, then, would be a long string of completely random letters, numbers, spaces and symbols – but you'd never remember it. However, because length matters so much, the surprising truth is that a longish string of random English words, all in lower case – say, "awoken wheels angling ostrich" – is actually much more secure than a shorter password that follows your bank's annoying rules, such as "M@nch3st3r". And easier to remember: you've already formed a memorable image of some noisy wheels waking up an ostrich fishing by a riverbank, haven't you?
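A worked version of the length-versus-rules comparison above, as an added example that is not part of the original article. It uses the article's rate of 1,000 guesses per second; the word-list size, dictionary size and variants-per-word figures are assumptions chosen for illustration, and the times are worst-case exhaustive-search values of the same order as the article's figures.

```python
GUESSES_PER_SECOND = 1_000                 # rate quoted in the article
SECONDS_PER_CENTURY = 100 * 365.25 * 24 * 3600

# Assumptions for illustration, not figures from the article:
WORDLIST_SIZE = 7_776        # words in a Diceware-style list
DICTIONARY_SIZE = 100_000    # words, names and places in a guessing dictionary
MANGLING_VARIANTS = 1_000    # capitalisation and symbol-swap variants per word

# Common symbol-for-letter swaps, reversed so a policy check sees the base word.
LEET = str.maketrans("@4301!$57", "aaeoiisst")

def random_lowercase_keyspace(length):
    """Number of candidates for a truly random a-z password."""
    return 26 ** length

def passphrase_keyspace(words):
    """Number of candidates for words drawn at random from the word list."""
    return WORDLIST_SIZE ** words

def demangle(password):
    """Lower-case the password and undo the predictable substitutions."""
    return password.lower().translate(LEET)

def patterned_keyspace(password, dictionary):
    """If the password is a dictionary word plus predictable swaps, only
    dictionary x variants guesses are needed; otherwise treat it as random
    over the 95 printable ASCII characters."""
    if demangle(password) in dictionary:
        return DICTIONARY_SIZE * MANGLING_VARIANTS
    return 95 ** len(password)

def worst_case_seconds(keyspace):
    """Time to try every candidate at the article's guessing rate."""
    return keyspace / GUESSES_PER_SECOND

if __name__ == "__main__":
    dictionary = {"manchester"}            # constructed one-word sample
    cases = {
        "5 random lower-case letters": random_lowercase_keyspace(5),
        "20 random lower-case letters": random_lowercase_keyspace(20),
        "4 random words": passphrase_keyspace(4),
        "M@nch3st3r": patterned_keyspace("M@nch3st3r", dictionary),
    }
    for label, space in cases.items():
        secs = worst_case_seconds(space)
        print(f"{label:30s} {secs / 3600:.3g} hours "
              f"({secs / SECONDS_PER_CENTURY:.3g} centuries)")
```

Under these assumptions the rule-following "M@nch3st3r" falls in about a day of guessing, while four random words hold out for over a thousand centuries.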
One day, we may not have to worry about any of this: there are innovations in development that might replace passwords entirely. Touchscreens could be configured to detect subtle aspects of your interactions with your computer – the distances between your fingers, the speeds at which you tap and scroll.