"Account Fingerprint Phrase" 是如何工作的?

How does "Account Fingerprint Phrase" work?

On Bitwarden's Account Fingerprint Phrase page, it says:

Your fingerprint phrase is an important security feature that assists in uniquely and securely identifying a Bitwarden user account when important encryption-related operations are performed (such as sharing).

Some Bitwarden procedures (e.g. adding a new user to an Organization, enabling Biometric Unlock for Browser Extensions) may ask you to verify that the fingerprint phrase matches your own or another user’s.

Validating fingerprint phrases ensures that end-to-end encryption is securely initiated and that the Bitwarden server you are communicating with (and your connection) has not been maliciously tampered with.

So I take it this is a more secure mechanism for uniquely identifying a user. But I don't understand why it is more secure or how it works.

Please help me understand.

The key thing to notice is that the fingerprint is not something you type, but something you read:

Some Bitwarden procedures ... may ask you to verify that the fingerprint phrase matches your own or another user’s.

In a sense, it is like a reverse password: it is something you already know, and the server has to send it to you. If an attacker tries to impersonate the Bitwarden server, they won't know the correct fingerprint phrase to show you, and you can see through the deception:

Validating fingerprint phrases ensures that ... the Bitwarden server you are communicating with (and your connection) has not been maliciously tampered with.

Beyond direct interception of communications, the fingerprint also protects against potentially damaging typos. Have you ever received an email meant for someone whose address resembles yours because of a misspelling? Imagine accidentally sharing your passwords with the user "bobsmith" instead of "bob.smith". If your friend Bob can tell you or confirm their account's fingerprint phrase (e.g. by phone), you can be more certain that you have chosen the right account to share with.

Ideally, the fingerprint would be a long string of random digits, as unique as your actual fingerprint. But that would be very hard to recognize or share, so a string of random words is more suitable.
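To make the answer's point concrete, here is an added example (not from the original post, and not Bitwarden's actual derivation, which this page does not describe): a hypothetical construction that hashes a user id and public key into a word phrase, and a check a sharing client could run before encrypting to a key the server returned. The word list, key bytes and user ids are constructed for the demo.

```python
import hashlib
from typing import List

# Constructed 32-word list (hypothetical; real schemes use lists of thousands of words).
WORD_LIST = [
    "apple", "bridge", "candle", "dolphin", "ember", "falcon", "garden", "harbor",
    "island", "jasper", "kettle", "lantern", "meadow", "nickel", "orchid", "pepper",
    "quartz", "ribbon", "saddle", "timber", "umbrella", "velvet", "walnut", "xenon",
    "yellow", "zephyr", "anchor", "basket", "copper", "dagger", "engine", "forest",
]
BITS_PER_WORD = 5   # 32 words -> 5 bits of the digest per word
PHRASE_WORDS = 6    # 6 words -> 30 bits shown to the user (demo size only)


def fingerprint_phrase(public_key: bytes, user_id: str) -> List[str]:
    """Derive a readable phrase from material the client can recompute itself.

    Hypothetical construction: SHA-256 over the user id and public key, then map
    successive 5-bit chunks of the digest onto the word list. Anyone holding the
    genuine public key gets the same words; a substituted key yields other words.
    """
    digest = hashlib.sha256(user_id.encode() + b"|" + public_key).digest()
    bits = int.from_bytes(digest, "big")
    mask = (1 << BITS_PER_WORD) - 1
    return [WORD_LIST[(bits >> (i * BITS_PER_WORD)) & mask] for i in range(PHRASE_WORDS)]


def phrases_match(shown: List[str], expected: List[str]) -> bool:
    """Word-by-word comparison; only case and surrounding whitespace are ignored."""
    normalize = lambda ws: [w.strip().lower() for w in ws]
    return normalize(shown) == normalize(expected)


def verify_recipient(server_key: bytes, server_user_id: str,
                     phrase_from_friend: List[str]) -> bool:
    """Check the key the server returned against the phrase Bob read out by phone.

    This is the 'read, not typed' step: the phrase is known out of band, so a
    server that swapped the key, or a lookup that hit the wrong account, fails here.
    """
    return phrases_match(fingerprint_phrase(server_key, server_user_id), phrase_from_friend)


# Constructed demo values: Bob's real key, and a key an impersonating server might return.
BOB_KEY = b"constructed-public-key-bob"
IMPOSTOR_KEY = b"constructed-public-key-impostor"
BOB_PHRASE = fingerprint_phrase(BOB_KEY, "bob.smith")   # what Bob reads to Alice
```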