Hacker News

Ntukoreshe passke kugirango uhishe amakuru yumukoresha

Ibitekerezo

10 min read Via blog.timcappalli.me

Mewayz Team

Editorial Team

Hacker News

Passkeys niterambere rishimishije ryo kwemeza mumyaka. Bakuraho uburobyi, bakuraho umutwaro wibanga, kandi batanga uburambe bwo kwinjira butagira ingano bushyigikiwe nurufunguzo rusange. Ariko imyumvire mibi iteye ubwoba ikwirakwira mumiryango yabatezimbere: niba passkeys ari kriptografiya, rwose barashobora gushishoza amakuru yabakoresha. Ntibishobora - no kugerageza kubikoresha murubwo buryo bizashiraho sisitemu zoroshye, zizewe zishobora gufunga abakoresha bawe mumakuru yabo burundu. Gusobanukirwa impamvu bisaba kureba neza icyo passkeys aricyo, ibanga risaba, hamwe nuburyo byombi bitandukana muburyo bufite akamaro kanini kurubuga urwo arirwo rwose rukora amakuru yubucuruzi bworoshye.

Kwemeza no gushishoza ni imirimo itandukanye cyane

Kwemeza bisubiza ikibazo kimwe: "Niwowe uvuga ko uri?" Encryption isubiza itandukanye rwose: "Aya makuru arashobora kuguma adasomwa nabantu bose usibye ababifitiye uburenganzira?" Ibi bibazo byombi bisangiye kode ya primaire, ariko ibyangombwa byubwubatsi biratandukanye cyane. Kwemeza bigomba kubaho rimwe kumasomo, birashobora kwihanganira kunanirwa rimwe na rimwe hamwe nibisubizo byiza, kandi ntibikeneye kubyara umusaruro umwe buri gihe. Encryption isaba kugena, kubyara urufunguzo rwinjira mubuzima bwose bwamakuru - bishobora kuba imyaka cyangwa imyaka.

Iyo wemeje hamwe na passkey, igikoresho cyawe gitanga umukono wibanga ryerekana ko ufite urufunguzo rwihariye rujyanye na konti yawe. Seriveri igenzura umukono kandi itanga uburenganzira. Nta na rimwe seriveri - cyangwa na porogaramu yawe - yunguka kugera kubintu byihariye byingenzi. Nibintu biranga, ntabwo bigarukira. Icyitegererezo cyumutekano cyose cya passkeys biterwa nurufunguzo rwigenga ntuzigera usiga umutekano wibikoresho byawe. Ariko encryption isaba ko gukoresha urufunguzo kugirango uhindure amakuru, hanyuma ukoreshe urufunguzo rumwe (cyangwa mugenzi we) kugirango uhindure impinduka. Niba udashobora kubona neza urufunguzo, ntushobora gufungura neza.

Amahuriro nka Mewayz acunga amakuru yubucuruzi yoroheje - inyemezabuguzi, inyandiko zerekeye imishahara, imikoranire ya CRM, inyandiko za HR mu bice 207 - zikeneye ingamba zo gushishoza zubatswe ku mfunguzo ziramba, zishobora kugarurwa, kandi zikagerwaho buri gihe. Kubaka kuri fondasiyo yagenewe byumwihariko kugirango ikumire urufunguzo ni ukuvuguruzanya kwubaka.

Impamvu Passkeys Yanga Gukoreshwa Nka Urufunguzo rwa Encryption

Ibisobanuro bya WebAuthn, bishimangira passkeys, byakozwe nkana nimbogamizi zituma ibanga rikoreshwa ridakwiye. Gusobanukirwa n'izo mbogamizi byerekana impamvu iyi atari icyuho cyubuhanga bwubwenge bushobora gukemura - ni imbibi zifatizo.

      Sisitemu y'imikorere na mushakisha APIs ntabwo itanga uburyo bwo gukuramo ibikoresho by'ibanze. Urashobora gusaba urufunguzo rwo gusinya ikintu, ariko ntushobora gusoma urufunguzo ubwarwo.
      • Nta nteruro yimbuto, nta nzira ikomoka, nta buryo bwo kongera kubaka urufunguzo rumwe ku kindi gikoresho. Buri kwiyandikisha birigenga byigenga.
      • Kuboneka kubikoresho: Ndetse hamwe no guhuza passkey (iCloud Keychain, Umuyobozi wibanga rya Google), kuboneka biterwa nubwitabira bwibidukikije. Umukoresha wiyandikishije kuri iPhone hanyuma akajya muri Android ashobora kubura kwinjira. Umukoresha igikoresho cye cyatakaye, cyibwe, cyangwa uruganda-gusubiramo bihura nikibazo kimwe.
      • Ikibazo-gisubizo gusa: WebAuthn API iragaragaza navigator.credentials.get () isubiza ibyemezo byashyizweho umukono, ntabwo aribikoresho byingenzi. Wakiriye umukono hejuru ya seriveri yatanzwe - ingirakamaro mu kwerekana indangamuntu, ntacyo imaze kubona urufunguzo rwibanga.
      • Nta algorithm ihinduka: Inzira zisanzwe zikoresha ECDSA hamwe nu murongo wa P-256. Nubwo ushobora kubona urufunguzo, ECDSA ni umukono wa algorithm, ntabwo ari encryption algorithm. Ukeneye impinduka zinyongera (amasezerano yingenzi ya ECDH, inkomoko ya KDF) API idashyigikiye muriki gice.

      Bamwe mubatezimbere basabye akazi - bakoresheje PRF (Imikorere ya Pseudo-Random) kwaguka kuri WebAuthn, kurugero, kugirango bakure urufunguzo rwerekana mugihe cyo kwemeza. Mugihe ubu bwiyongere bubaho muri spec, inkunga ya mushakisha ikomeza kuba idahuye, ntishobora kuboneka kurubuga rwinshi rwa mobile, kandi iracyafite ikibazo cyo guhuza ibikoresho. Urufunguzo rukomoka kuri PRF ku gikoresho kimwe ntirushobora kubyara ku kindi gikoresho gifite passkey itandukanye, ndetse no kuri konti imwe y'abakoresha.

      Ibyatakaye Byatakaye Ntamuntu Wifuza Kohereza

      Reba uko bigenda iyo uhishe amakuru yumukoresha nurufunguzo rukomoka kuri passkey yabo. Ibintu byose bikora neza kumunsi wambere. Umukoresha yinjiye, urufunguzo rukomokaho, amakuru arahishwa kandi afunguye neza. Nyuma y'amezi atatu, terefone yabo igwa mu kiyaga.

      Hamwe no kwemeza gakondo, gutakaza igikoresho nikibazo. Umukoresha agarura konti yabo akoresheje imeri, ashyiraho ibyangombwa bishya, kandi akomeza gukora. Ariko niba amakuru yabo yarahishe hamwe nurufunguzo ruhambiriye igikoresho cyizewe ubu kirimo umutekano, ayo makuru yagiye. Ntabwo "bigoye gukira" yagiye - kriptografiya idasubirwaho yagiye. Nta tike yo gushyigikira abakiriya, nta konti yo kugarura konti, nta kuzamura ubuyobozi bishobora guhindura imibare. Amakuru ashobora kuba yarasibwe.

      Amategeko yingenzi yubushakashatsi bwa sisitemu: niba ingamba zawe zingenzi zo gucunga zifite ingingo imwe yo gutsindwa yangiza burundu kugera kumibare yabakoresha, ntabwo wubatse uburyo bwumutekano - wubatse uburyo bwo gutakaza amakuru hamwe nintambwe zinyongera.

      Kubikorwa bikora ubucuruzi binyuze kumurongo - gucunga umubano wabakiriya 50 muri CRM, gutunganya umushahara wa buri kwezi kubakozi 30, gukurikirana amamodoka - gutakaza amakuru ahoraho kuri terefone yataye ntabwo ari ikibazo gito cya UX. Nibikorwa bikomeza ubucuruzi. Niyo mpamvu rwose imyubakire ya Mewayz itandukanya uburyo bwo kwemeza ninzego zo kurinda amakuru, ikemeza ko nta kintu na kimwe cyananiranye gishobora guhungabanya uburyo bwo kubona amakuru y’ubucuruzi ku buryo ubwo ari bwo bwose bwahujwe.

      Ibyo Ukwiye Gukoresha Ahubwo

      Amakuru meza nuko uburyo bwashizweho neza bubaho kugirango uhishe amakuru yumukoresha utaguye mumutego wa passkey. Ubu buryo bwageragejwe kurugamba, bushyigikiwe cyane, kandi bwashizweho muburyo bwihariye bwo gukoresha ibanga.

      Serveri kuruhande rwibanga hamwe nurufunguzo rucungwa iracyari ihitamo rifatika kubenshi mubisabwa. Ihuriro ryawe rihisha amakuru kuruhuka ukoresheje urufunguzo ruyobowe na Serivisi ishinzwe imiyoborere myiza (KMS) - AWS KMS, Google Cloud KMS, HashiCorp Vault, cyangwa ibisa nayo. Umukoresha yemeza (hamwe na passkeys, niba ubishaka!) Kandi seriveri ikora ibanga no gufungura mu mucyo. Nuburyo buryo bwinshi bwa SaaS burinda amakuru, kandi burakora kuko urufunguzo ruramba, rumanitse, ruzunguruka, kandi rutigenga kubikoresho byose byabakoresha.

      Gucuruza-ni uko gutakaza ijambo ryibanga bisobanura gutakaza amakuru, ariko ijambo ryibanga rishobora gufatwa mu mutwe, kwandika, no kubikwa mu banga ryibanga - ntibifungirwa imbere mu byuma byabigenewe. Serivisi nka 1Password na Notes zisanzwe zikoresha ubu buryo neza.

      💡 DID YOU KNOW?

      Mewayz replaces 8+ business tools in one platform

      CRM · Invoicing · HR · Projects · Booking · eCommerce · POS · Analytics. Free forever plan available.

      Start Free →
      1. Koresha passkeys (cyangwa uburyo bukomeye) kugirango kwemeza - kugenzura umwirondoro wumukoresha.
      2. Nyuma yo kwemeza, kuvana cyangwa kugarura urufunguzo rwibanga ukoresheje gutandukana, intego-yubaka sisitemu yo gucunga
      3. Shyira mu bikorwa urufunguzo rwibanze cyangwa uburyo bwo kugarura - urufunguzo rwo kugarura, urufunguzo rwibikoresho byinshi, cyangwa urufunguzo rwibanze rwo gucunga konti zubucuruzi.
      4. Shishoza amakuru kuruhuka no gutambuka ukoresheje AES-256-GCM cyangwa XChaCha20-Poly1305 hamwe nurufunguzo rwa KMS yawe.
      5. Kuzenguruka urufunguzo buri gihe kandi ukomeze ibanga ryibanze ryibanze ryibitseho rirokoka ingingo iyo ari yo yose yo gutsindwa.

      Uku gutandukanya impungenge ntabwo ari imyitozo myiza gusa - nuburyo bwububiko bwonyine butuma uzamura uburyo bwo kwemeza utitaye kubikorwa byawe byo kugenzura. Iyo passkeys amaherezo ihindagurika cyangwa igasimbuzwa ikindi kintu cyiza, amakuru yawe ahishe akomeza kuboneka neza.

      Kwagura PRF: Gusezerana no Kugwa

      Abashinzwe gukurikiza hafi ya WebAuthn ibisobanuro birashobora kwerekana kwagura prf nk'ikiraro gishobora kuba hagati ya passke na encryption. Uku kwagura kwemerera ishyaka ryishingikirije gusaba pseudo-random agaciro gakomoka kumabanga ya passkey mugihe c'imihango yo kwemeza. Mubyigisho, agaciro gashobora kuba urufunguzo rwibanga cyangwa imbuto.

      Mubikorwa, kwagura PRF guhura nimbogamizi zikomeye zo kurera. Kuva mu ntangiriro ya 2026, inkunga iratandukanye cyane kurubuga rwa interineti. Ishyirwa mu bikorwa rya Safari ritandukanye na Chrome. Ibikoresho byinshi bya Android ntabwo bishyigikira na gato. Urufunguzo rwumutekano rwibikoresho rufite inkunga idahuye. Kurubuga urwo arirwo rwose rukoresha abakoresha batandukanye - na Mewayz ikorera abakoresha 138.000+ muri buri sisitemu nkuru yimikorere nubwoko bwibikoresho - kubaka encryption ku kintu gifite ibiboneka biboneka ntabwo bishoboka.

      Byibanze, PRF ntabwo ikemura ikibazo cyibikoresho byinshi. Pseudo-random isohoka ikomoka kuri passkey yihariye kubikoresho byihariye. Umukoresha wandika pasike kuri mudasobwa igendanwa na terefone abona ibisubizo bibiri bitandukanye bya PRF kuri konti imwe. Ugomba guhishira amakuru hamwe nurufunguzo rwibikoresho byakomotse hanyuma hanyuma ukongera ukabanga cyangwa ugasangira urufunguzo nibindi bikoresho - bikugarura neza kugirango wubake sisitemu yingenzi yo kuyobora. Icyo gihe, urufunguzo rukomoka kuri passkey rwongeramo ibintu bigoye utongeyeho umutekano.

      Amasomo Kububaka: Koresha Igikoresho Cyiza Kuburyo Bwiza

      Ikigeragezo cyo gukoresha passkeys mugusobora kiva mubitekerezo byiza - abitezimbere bifuza gukoresha amashusho akomeye kandi bakagabanya umubare wibanga abakoresha bakeneye gucunga. Ariko umutekano wubwubatsi ni muburyo bwo gukoresha primitique iburyo. Gufunga n'umutekano byombi birinda ibintu by'agaciro, ariko ntushobora gushyiramo deadbolt imbere mububiko cyangwa kugerageza gutwara umutekano mumufuka.

      Passkeys nziza cyane kubyo yagenewe. Bagabanije gufata konti zijyanye no kuroba kugera kuri 99.9% muri Google yoherejwe imbere. Bakuraho ibitero byuzuye byuzuye. Batanga uburambe bwo kwinjira icyarimwe umutekano kandi byoroshye kuruta ijambo ryibanga. Ibyo ni ibyagezweho bidasanzwe, kandi birahagije. Kubaza passkeys kugirango ukemure encryption ninko gusaba firewall yawe nayo kugirango ikore nka sisitemu yo gusubira inyuma - itumva neza imyubakire.

      Mugihe wubaka urubuga rukora ibikorwa byubucuruzi byoroshye, ubwubatsi bugomba kwerekana imipaka isobanutse. Kwemeza bigenzura umwirondoro. Uruhushya rugena uburyo. Encryption irinda amakuru kuruhuka no gutambuka. Ubuyobozi bwibanze butuma urufunguzo rwibanga rubaho gutakaza ibikoresho, guhinduranya abakozi, no guhindura ibikorwa remezo. Buri cyiciro gifite ibikoresho-byubatswe, kandi kubivanga bitera intege nke zigaragara mugihe kibi gishoboka - mugihe umukoresha akeneye cyane kubona amakuru yabo kandi ntashobora.

      Kubona Umutekano neza utabigoranye

      Kuri porogaramu nyinshi za SaaS hamwe nubucuruzi bwubucuruzi, ibyifuzo bifatika biroroshye: fata passke ushishikaye kubyemeza, kandi ukoreshe encryption rwose seriveri-kuruhande hamwe na KMS icungwa. Ibi biha abakoresha bawe uburambe bwiza bwo kwinjira buboneka uyumunsi mugihe urinze amakuru yabo hamwe nibikorwa remezo byateguwe byumwihariko kuramba no gukira.

      = Ishoramari ryubwubatsi ni rinini, ariko ubundi ni kohereza sisitemu amaherezo izasenya amakuru yumuntu bidasubirwaho.

      Ibyemezo byumutekano byiyongera mugihe. Amahinanzira yafashwe uyumunsi ahinduka inzozi zo kwimuka mumyaka itatu mugihe ihinduka ryibanze ryibanze, urusobe rwibinyabuzima ruhindura politiki yo guhuza, cyangwa mushakisha itesha agaciro kwaguka. Kubaka kubikuramo neza uhereye mugitangira - kwemeza nkukwemeza, gushishoza nkibanga, buriwese hamwe nubuzima bwacyo bwingenzi - ni umusingi ureka urubuga rugera ku bihumbi amagana rwabakoresha badafite igisasu cyigihe cyo gushyingura mumazi ya kriptografiya.

      Ibibazo bikunze kubazwa

      Kuki bidashobora gukoreshwa kugirango uhishe amakuru yumukoresha?

      Passkeys yagenewe gusa kwemeza, ntabwo ari encryption. Bishingikiriza kumugaragaro-urufunguzo rwibanga kugirango bamenye umwirondoro wawe mugihe winjiye, ariko urufunguzo rwigenga ntiruva mubikoresho byawe kandi ntirushobora kugera kubisabwa. Encryption isaba urufunguzo ruhamye, rwororoka rushobora guhora rusobora amakuru mugihe. Passkeys ibura ubwo bushobozi mugushushanya, bigatuma muburyo budakwiriye kurinda amakuru yabakoresha yabitswe.

      Bigenda bite iyo ugerageje guhisha amakuru hamwe na passkeys uko byagenda kose?

      Ufite ibyago byo kubaka sisitemu yoroheje aho abakoresha bafungirwa burundu mumibare yabo. Inzira zirashobora gukurwaho, kuzunguruka, cyangwa gusimburwa mubikoresho nta nteguza. Niba amakuru ahishe neza ahujwe na passkey yihariye isibwa cyangwa ivugururwa, nta nzira yo kugarura. Ibi birema ibintu biteye ubwoba-gutakaza ibintu nta mubare wubwubatsi ushobora gukumira byanze bikunze.

      Abashinzwe iterambere bagomba gukoresha iki aho gukoresha passke yo kubika amakuru?

      Abashinzwe iterambere bagomba gukoresha intego-yashizweho yo gushishoza ibisubizo nka AES-256 hamwe nubuyobozi bukwiye, kugenzura ibahasha, cyangwa amasomero yashizweho nka libsodium. Komeza kwemeza no gushishoza nkibibazo bitandukanye. Koresha passkeys kubyo barusha abandi - kwinjira bidafite ijambo ryibanga - hamwe nurufunguzo rwabigenewe rwabitswe binyuze muri sisitemu yingenzi ituruka hamwe na sisitemu yo kubika kugirango urinde amakuru y’abakoresha.

      Mewayz akora ate kwemeza no gucunga amakuru kubucuruzi?

      Mewayz itanga OS 207-module yubucuruzi OS guhera kuri $ 19 / mo itandukanya kwemeza no kurinda amakuru ukoresheje inganda nziza. Aho gukoresha nabi passkeys, urubuga kuri app.mewayz.com rushyira mubikorwa uburyo bwogusobora neza hamwe no kwinjira byinjira neza, byemeza ko ubucuruzi bushobora kurinda amakuru yabakiriya mu buryo bwizewe bitabangamiye ibintu byafunzwe bituruka ku guhuza ibanga no kubanga.