
Published on Security In A Box (https://info.securityinabox.org)

3. How to create and maintain secure passwords
Many of the secure services that allow us to use digital technology comfortably for important things, from logging in to a computer and sending and receiving email to encrypting [1] and hiding sensitive data, require that we remember a password. These secret words, phrases or scrambled strings of characters are often the first barrier, and sometimes the only one, between your data and anyone who might want to read, copy, modify or destroy it without your permission. There are many ways someone could learn your passwords, but you can defend against most of them by applying a few specific tactics and by using a secure password database [2] tool such as KeePass [3].

Background scenario
Mansour and Magda are siblings in an Arabic-speaking country. They have a personal website where they anonymously publicise human rights abuses and campaigns aimed at bringing about political change. Magda recently tried to log in to her personal email account and found that her password had been changed. After resetting the password, she was able to log in, but when she opened her inbox she found that several new messages had been marked as read. She suspects that a politically motivated intruder has learned the password, which she uses for many of her website accounts. She is going to meet Mansour, who has less experience with computers than she does, to discuss the situation and explain her concerns.

What you can learn from this chapter
The elements of a secure password
A few tricks for remembering long, complicated passwords
How to use the KeePass [3] password manager [2] to store passwords instead of remembering them

Selecting and maintaining secure passwords


In general, when you want to protect something, you lock it up with a key. Houses, cars and bicycles have physical keys; protected files have encryption [1] keys; bank cards have PIN codes; and email accounts have passwords. All of these keys, physical and electronic, have one thing in common: they open their respective locks just as effectively in anyone's hands. You can install advanced firewalls, secure email accounts and encrypted [1] disks, but if your password is weak, or if you allow it to fall into the wrong hands, they will not do you much good.

Elements of a strong password


A strong password should be difficult for a computer program to crack.
Make it long: The longer a password is, the less likely it is that a computer program will be able to crack it in a reasonable amount of time. You should create passwords that are ten or more characters long. Many people use passwords made up of more than one word, with or without spaces between the words, which are often called passphrases. This is a good idea, as long as the program or service you are using allows you to choose long passwords.
Make it complex: In addition to length, the complexity of a password also helps defeat cracking software that tries to guess combinations of characters. Whenever possible, you should always include upper-case letters, lower-case letters, numbers and symbols, such as a dash, in your password.
A password should be difficult for others to figure out.
Make it practical: If you have to write your password down somewhere because you cannot remember it, you may end up facing a whole range of threats that could easily hand your password to anyone who can see your desk, get into your home, open your wallet or even go through the rubbish bin outside your office. If you cannot think of a password that is long and complex but still easy to remember, the Remembering secure passwords [4] section below may be of some help. If not, you should still create a secure password, but you may need a password manager [2] such as KeePass [3]. Other types of password-protected files, including Microsoft Word documents, should not be trusted for this purpose, as most of them can easily be broken in seconds using tools that are available on the Internet.
Don't make it personal: Your password should not contain anything related to you personally. Do not choose words or phrases based on information such as your name, identity card number, telephone number, child's name, pet's name, date of birth or anything similar that someone else could use to work out your password by finding out information about you.


Keep it secret: Do not reveal your password to anyone unless it is absolutely necessary. If you must share a password with a friend, family member or colleague, you should change it to a temporary password first, share that temporary password, then change it back when they are done. Often, there are alternatives to sharing a password, such as creating two separate accounts, one for each person who needs access. Keeping your password secret also means paying attention to who might be looking over your shoulder while you type it or look it up in your password database [2].
A password should be chosen so that the damage is as small as possible if it falls into someone else's hands.
Make it unique: Avoid using the same password for more than one account. Otherwise, anyone who learns that password can gain access to much more of your sensitive information. This is particularly true because the passwords for many services are very easy to crack. For example, if you use the same password for your Windows login and your Gmail account, someone with access to your computer can crack the first password and use it to get into the other account. For the same reason, you should avoid rotating passwords between different accounts.
Keep it fresh: Change your password regularly, preferably once every three months. Many people become attached to a particular password and never change it. This should be avoided. The longer you keep one password, the more opportunity others have to figure it out. In addition, if someone is able to use your stolen password to take your information without your knowledge, they will be able to keep doing so until you change the password.
Mansour: What if I trust someone? Then it's OK to tell them my password, right?
Magda: First of all, just because you trust someone with your password doesn't necessarily mean you trust them to take good care of it, does it? Even if I wouldn't use your password for anything bad, I might write it down somewhere and lose it, or something like that. That might even be why I'm having this problem right now. Besides, this is not a matter of trust. If you're the only one who knows your password, you don't have to waste time working out who to blame if your account gets broken into. Right now, for example, I feel pretty sure that someone guessed my password, because I never wrote it down or told it to anyone.

Remembering and storing secure passwords
Looking over the list of suggestions above, you may wonder how anyone without an electronic memory could possibly remember passwords that are long, complex and meaningless without writing them down somewhere. The importance of using a different password for each account makes this even harder. There are, however, a few tricks that can help you create passwords that are easy to remember but extremely difficult to guess, even for experts equipped with advanced password-cracking software. You also have the option of storing your passwords with the KeePass [3] password manager, which was created specifically for this purpose.

Remembering secure passwords
Using different types of characters when creating a password is very important. This can be achieved in several ways:
Varying capitalisation, for example: TN tI khNg pHi l NGI ViP
Alternating numbers and letters, for example: ch1 l4m vi3c v4 k50ng vu1 ch1
Using special characters, for example: c@(he1Rnthery3
Mixing several languages, for example: Ti loVe Ni, You aI wo Ma?
All of these methods can help you increase the complexity of an otherwise fairly predictable password, and allow you to choose a highly secure password without giving up the ability to remember it easily. Some substitutions (such as using the number 0 in place of the letter o, or the @ symbol in place of the letter a) were built into password-cracking software long ago, but using them is still a good idea. They increase the time such tools need to crack your password, and they make guessing difficult for anyone who is not equipped with tools of this kind.
Passwords can also take advantage of traditional mnemonic devices [5], such as using the first letter of each word. This allows long phrases to be turned into complex, seemingly random words:
To be or not to be? That is the question becomes 2Bon2B?TitQ
We hold these truths to be self-evident: that all men are created equal becomes: WhtT2bs-e:taMac=
Are you happy today? becomes: rU:-)2d@y?
These are just a few examples to help you come up with your own ways of encoding words and phrases so that they become complex yet easy to remember.
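
Added example, not part of the original guide: a small Python checker that applies the checklist from "Elements of a strong password" (ten or more characters, all four character types, no personal details) and undoes the well-known substitutions mentioned above before looking for personal details. The function names, the substitutions beyond 0 and @, and the sample personal details are assumptions made for illustration.

```python
import math
import string

# Substitutions cracking tools already know. The guide names 0->o and @->a;
# the other entries are assumptions added for this example.
LEET = str.maketrans({"0": "o", "@": "a", "1": "i", "3": "e",
                      "4": "a", "5": "s", "$": "s"})

CLASSES = {
    "upper-case letter": string.ascii_uppercase,
    "lower-case letter": string.ascii_lowercase,
    "number": string.digits,
    "symbol": string.punctuation + " ",
}


def normalise(text):
    """Lower-case, undo common substitutions, keep letters and digits only."""
    folded = text.lower().translate(LEET)
    return "".join(ch for ch in folded if ch.isalnum())


def audit(password, personal=()):
    """Return (problems, bits): checklist failures and a brute-force estimate."""
    problems = []
    if len(password) < 10:
        problems.append("shorter than ten characters")
    pool = 0
    for name, chars in CLASSES.items():
        if any(ch in chars for ch in password):
            pool += len(chars)
        else:
            problems.append("no " + name)
    folded = normalise(password)
    for item in personal:
        token = normalise(item)
        if len(token) >= 3 and token in folded:
            problems.append("contains personal detail: " + item)
    # Upper bound: assumes each character was chosen at random from the pool,
    # which is not true of words, names or dates.
    bits = len(password) * math.log2(pool) if pool else 0.0
    return problems, round(bits, 1)


if __name__ == "__main__":
    # Constructed samples; a published example must never be used as a real password.
    for pw in ("m@gd41985", "WhtT2bs-e:taMac="):
        print(pw, audit(pw, personal=("Magda", "1985")))
```

The bit count is only a ceiling on brute-force effort; a password built from a name and a year fails the personal-detail check however many character types it mixes in.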

Recording passwords securely


While a little creativity may allow you to remember all of your passwords, the need to change them regularly means you may not be able to come up with new ones fast enough. As an alternative, you can generate random, secure passwords for most of your accounts and give up on remembering them all. Instead, you can store them in an encrypted secure password database [2], such as KeePass [3].
Hands-on: Get started with the KeePass Guide [6]
Of course, if you use this method, it is very important that you create and remember a very secure password for KeePass [3], or for whatever password storage tool you use. Whenever you need to enter the password for a particular account, you can look it up using only your one master password, which makes it easier to follow the suggestions above.
KeePass [3] runs without being installed, which means you can keep your password database on a portable USB memory stick in case you need to look up a password while you are away from your main computer.
Although this is probably the best option for anyone who has to manage a large number of accounts, the method has some drawbacks. First, if you lose or accidentally delete your only copy of the password database, you will no longer have any way of getting into the accounts those passwords belong to. This makes it extremely important that you back up your KeePass [3] database. See Chapter 5: How to recover lost data [7] for more on backup methods. Fortunately, the KeePass password database is encrypted, so you do not have to worry if you lose a USB memory stick or backup drive containing a copy of it.
The second major drawback could be even more serious. If you forget the master password that opens KeePass [3], there is no way to recover it or the contents of the password database. So be sure to choose a master password that is both strong and easy to remember!
Mansour: Wait a minute. If KeePass uses a single master password to manage all the other passwords, how is that more secure than just using the same password for all of my accounts? I mean, if some bad guy learns the master password, he gets access to everything, right?
Magda: That's a good thought, and you're right that protecting the master password is extremely important, but there are a few basic differences. First of all, this bad guy would need not only your password but also the KeePass database file. If you just use the same password for all of your accounts, then he only needs the password itself. On top of that, we know that KeePass is designed to be very secure, right? Other programs and websites, meanwhile, may be the opposite. Some are better than others, and you don't want someone breaking into a poorly secured website and then using the very password he learned there to get into more secure programs and websites. And one more thing: KeePass makes it much easier to change the master password if you think it's necessary. I should have been so lucky! I've had to spend the whole day today changing all of my passwords.

Further reading
To learn more about secure passwords, see the Password Protection [8] chapter and the How long should my password be? [9] appendix of the book Digital Security and Privacy for Human Rights Defenders [10].
Wikipedia has useful articles on Passwords [11], Guidelines for password strength [12] and password cracking [13].
Source URL (retrieved on 04/11/2015 - 03:12): https://info.securityinabox.org/vi/chuong-3
Links:
[1] https://info.securityinabox.org/vi/glossary#Encryption
[2] https://info.securityinabox.org/vi/glossary#Secure_password_database
[3] https://info.securityinabox.org/vi/glossary#KeePass
[4] https://info.securityinabox.org/vi/chuong_3_2
[5] https://info.securityinabox.org/vi/grossary#Mnemonic
[6] https://info.securityinabox.org/vi/keepass-main
[7] https://info.securityinabox.org/vi/chuong-5
[8] http://www.frontlinedefenders.org/manual/en/esecman/chapter2_2.html
[9] http://www.frontlinedefenders.org/manual/en/esecman/appendix_d.html
[10] http://www.frontlinedefenders.org/manual/en/esecman
[11] http://en.wikipedia.org/wiki/Password
[12] http://en.wikipedia.org/wiki/Password_strength
[13] http://en.wikipedia.org/wiki/Password_cracking
