Mazuva mashoma apfuura chinonyadzisa chakasimudzwa pamambure nechinyorwa chakaitwa naDonjon (chengetedzo kubvunza) mune izvo chaizvo vakakurukura dzakasiyana siyana nyaya dzekuchengetedza dze "Kaspersky Password Manager" kunyanya mu password yayo jenareta, sezvo zvaitaridza kuti password yega yega yaigadzira inogona kutsemuka nechisimba chisimba kurwisa.
Uye ndizvo izvo zvekuchengetedza chengetedzo Donjon akazviona Pakati paKurume 2019 naGumiguru 2020, Kaspersky Password Manager akagadzira mapassword anogona kutyorwa mumasekondi. Chishandiso chakashandisa pseudo-yakasarudzika manhamba jenareta iyo yaive imwechete isingakodzere cryptographic zvinangwa.
Vatsvakurudzi vakaona kuti password password yaive nematambudziko akati wandei uye chimwe chezvakanyanya kukosha ndechekuti PRNG yakangoshandisa imwechete entropy sosi Muchidimbu, zvaive zvekuti kuti mapassword akagadzirwa ainetseka uye haana kana kuchengetedzeka.
“Makore maviri apfuura, takaongorora Kaspersky Password Manager (KPM), maneja wepassword wakagadzirwa naKaspersky. Kaspersky Password Manager chigadzirwa chinochengetedza zvakachengeteka mapassword nemagwaro mune yakavharidzirwa, password-yakachengetedzwa yakachengeteka. Iyi safe inodzivirirwa ne master password. Nekudaro, sevamwe mamaneja epassword, vashandisi vanofanirwa kurangarira imwechete password yekushandisa nekutarisira ese mapassword avo. Chigadzirwa chacho chinowanikwa kune akasiyana masystem anoshanda (Windows, macOS, Android, iOS, Webhu ...) Yakavharirwa data inogona kuenzanirana otomatiki pakati pemidziyo yako yese, inogara ichidzivirirwa ne master password yako.
“Chinhu chikuru cheKPM kuchengetedza password. Pfungwa yakakosha ine mamaneja epassword ndeyekuti, kusiyana nevanhu, maturusi aya akanaka pakuburitsa mapassword akasimba, akasarudzika. Kuti ugadzire mapassword akasimba, Kaspersky Password Manager inofanirwa kuvimba nenzira yekugadzira mapassword akasimba ”.
Kune dambudziko yakapa iyo index CVE-2020-27020, iko bakoat iyo "anorwisa angade kuziva ruzivo rwekuwedzera (semuenzaniso, iyo nguva yakaitwa password)" ichokwadi, chokwadi ndechekuti mapassword eKaspersky aive pachena asina kuchengetedzeka kupfuura zvaifungwa nevanhu.
"Iyo password jenareta inosanganisirwa muKaspersky Password Manager yasangana nematambudziko akati wandei," Dungeon timu yekutsvagisa yakatsanangura muchinyorwa neChipiri “Chinhu chakakosha ndechekuti akange achishandisa PRNG isina kukodzera kuita macryptographic. Yayo chete sosi ye entropy yaive nguva iriko. Chero password yaunogadzira inogona kutyorwa zvine hukasha mumasekondi. "
Dungeon inonongedza kuti Kaspersky kukanganisa kukuru kwaishandisa iyo wachi wachi mumasekonzi sembeu mune yekunyepedzera-isina nhamba nhamba jenareta.
"Izvi zvinoreva kuti chiitiko chega chega cheKaspersky Password Manager pasi rose chichagadzira password imwechete pasekondi yakapihwa," anodaro Jean-Baptiste Bédrune. Sekureva kwake, password yega yega inogona kuve chinangwa chekurwiswa nechisimba ” "Semuenzaniso, pane masekondi 315,619,200 pakati pa2010 na2021, saka KPM inogona kuburitsa mapassword anokwana mazana matatu anokwana 315,619,200 echimiro chakapihwa. "Hondo yechisimba kurwisa pane iyi runyorwa inongotora maminetsi mashoma."
Vanotsvaga kubva Dungeon akagumisa:
“Kaspersky Password Manager akashandisa nzira yakaoma kugadzira mapassword ayo. Iyi nzira yaive yakanangana nekugadzira zvakaoma-kutsemura mapassword eakajairika password password. Nekudaro, nzira yakadaro inoderedza kusimba kwemapassword akagadzirwa achienzaniswa nematurusi akazvipira. Isu takaratidza maitiro ekugadzira mapassword akasimba tichishandisa KeePass semuenzaniso: nzira dzakareruka senge sweepstakes dzakachengeteka, uchangobvisa "modulus bias" uchitarisa tsamba mune yakapihwa mhando renji.
“Takatarisawo PRNG yaKaspersky tikaratidza kuti yaive isina kusimba. Chimiro chayo chemukati, Mersenne chamupupuri kubva kuBoost raibhurari, haina kukodzera kugadzira cryptographic zvinhu. Asi chakanyanya kukanganisa ndechekuti iyi PRNG yakadyarwa pamwe neyazvino nguva, mumasekondi. Izvi zvinoreva kuti password yega yega inogadzirwa nenjodzi shanduro dzeKPM dzinogona kukanganiswa zvine utsinye nenyaya yemaminetsi (kana yechipiri kana iwe uchiziva ingangoita nguva yechizvarwa).
Kaspersky akaudzwa nezve kushushikana muna Chikumi 2019 uye akaburitsa iyo vhezheni vhezheni muna Gumiguru wegore rimwe chetero. Muna Gumiguru 2020, vashandisi vakaudzwa kuti mamwe mapassword aifanira kugadzirwazve, uye Kaspersky akaburitsa zano rekuchengetedza musi waApril 27, 2021:
“Vashanduri vese veKaspersky Password Manager vanoona nezvedambudziko iri vava neimwe itsva. Pasiwedhi chizvarwa logic uye password yekuvandudza yambiro kune zviitiko uko password inogadzirwa ingangodaro isina kusimba zvakakwana ”, inodaro kambani yekuchengetedza
mabviro: https://donjon.ledger.com
Mapassword akafanana nemakiya: hapana kana imwe chete muzana yakachengeteka, asi iyo yakaoma kwazvo, inowedzera nguva nesimba rinodiwa.
Runako runoshamisa, asi kana iwe usingakwanise kuwana komputa yako, haugone kana kuwana mudzidzisi. Mazuva ano, munhu wese ane komputa yake, kunze kwekunge shamwari yemumwe munhu aenda kumba kwavo uye nemukana vanoona kuti vane chirongwa ichocho chakaiswa
Vakanga vaine rombo rakaringana kuve nekodhi kodhi yechirongwa kuti vakwanise kunzwisisa maumbirwo avakaitwa, dai yanga iri bhainari, inofanira kutanga yaora, zvinova zvakaoma, havasi vazhinji vanonzwisisa mabiti, kana zvakananga nechisimba chisimba pasina kunzwisisa mashandiro ainoita.