What makes this password generator different?
This password generator is privacy-first and browser-only. Every random byte comes from your operating system's cryptographic random number generator, reached through crypto.getRandomValues, never from Math.random. The page makes no network request to generate a password, and the generated value never leaves your tab. Open the Network panel in DevTools and click Generate: it stays silent.
How does this password generator work?
The tool runs entirely as JavaScript in your browser. There is no round trip to a server, no analytics beacon that captures the password, and no request for a remote script once the page has loaded.
- Seed from the OS CSPRNG. Every integer is drawn from crypto.getRandomValues(new Uint32Array(n)), the same trusted source the browser uses for TLS key material and for crypto.randomUUID. Math.random is deliberately never called, and a grep across the whole project enforces that.
- Build the charset. Random-character mode concatenates the enabled character classes (uppercase, lowercase, digits, symbols) into a single alphabet. The 'Exclude lookalikes' toggle removes visually similar characters (0, O, o, 1, l, I, |, and the backtick) so the password is unambiguous when read aloud or copied by hand. A smaller alphabet carries fewer bits per character, so the entropy estimate is always computed from the size of the alphabet actually in use, not from the full 94-character set.
- Pick an index without bias. Mapping a 32-bit integer onto a charset index naively (with modulo) introduces a small bias whenever the charset size does not divide 2^32 evenly. The tool uses rejection sampling: any sample that lands in the modulo tail (at or above the largest multiple of the charset size that fits in 32 bits) is discarded and redrawn, so every character in the charset has exactly equal probability.
- Generate in bulk. In random-character mode you can request 1 to 50 passwords per click. Each result is shown as a row with its own entropy estimate, a strength badge, and a Copy button. The 'Copy all' button joins the rows with newlines so you can paste them into a CSV or a vault import file.
- Passphrase mode. Flip the mode toggle and the page fetches EFF Short Wordlist #1 (1296 common English words) on first use. Five-word passphrases give about 51.7 bits of entropy, enough for everyday accounts and easier to remember than a 9-character random string. That single same-origin fetch is the only request you will ever see in the Network panel, and it carries nothing you generated; after it the page goes quiet again.
Why use this password generator?
- Your password never leaves your browser. There is no server endpoint, no analytics call that captures the value, no remote script, and no telemetry. Open DevTools, generate a password, and watch the Network panel stay empty.
- Cryptographically secure randomness, by construction. Every integer comes from crypto.getRandomValues, with rejection sampling against modulo bias. The most common bug in browser password generators, using Math.random for entropy, is ruled out structurally here.
- Two modes, one tool. Random-character mode produces high-entropy strings for password managers; passphrase mode produces memorable xkcd-style strings (correct-horse-battery-staple) backed by EFF Short Wordlist #1. The same privacy design applies to both.
- Honest entropy. Every generated row shows its entropy in bits and a descriptive strength label, so you can see at a glance how a 12-character string without symbols (12 x log2(62) ≈ 71.4 bits) compares with a 5-word passphrase (51.7 bits). No marketing fluff, just numbers.
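How large is the modulo bias that the rejection sampling above removes, and what does the rejection cost? The following is an added example, not the page's code. Because every value of a w-bit source is equally likely, feeding each value in [0, 2^w) exactly once through `v % n` yields the exact distribution of the naive mapping; the example enumerates that for small widths and uses the closed form (quotient and remainder) for 32 bits. The function names are this example's own.

```javascript
// Added example, not the page's code: quantify the modulo bias and the rejection
// rate for a source of width `sourceBits` mapped onto a charset of size n.

// Exact histogram of naive (v % n) and rejection-sampled indices when every source
// value in [0, range) occurs exactly once.
function enumerateBias(range, n) {
  const naive = new Array(n).fill(0);
  const fair = new Array(n).fill(0);
  const limit = range - (range % n); // the cutoff rejection sampling uses
  let rejected = 0;
  for (let v = 0; v < range; v++) {
    naive[v % n]++;
    if (v < limit) fair[v % n]++; else rejected++;
  }
  return {
    maxCount: Math.max(...naive),
    minCount: Math.min(...naive),
    fairUniform: fair.every((c) => c === fair[0]),
    rejected,
  };
}

// The same figures without enumerating: q = floor(range / n) complete cycles, and
// r = range % n leftover values that each give one extra hit to residues 0..r-1.
function closedFormBias(range, n) {
  const q = Math.floor(range / n), r = range % n;
  return { maxCount: r ? q + 1 : q, minCount: q, fairUniform: true, rejected: r };
}

// naiveRatio: how over-represented the most likely index is (1 = uniform).
// rejectRate: fraction of draws rejection sampling throws away.
function biasReport(sourceBits, n) {
  const range = 2 ** sourceBits;
  const b = sourceBits <= 16 ? enumerateBias(range, n) : closedFormBias(range, n);
  return { naiveRatio: b.maxCount / b.minCount, fairUniform: b.fairUniform, rejectRate: b.rejected / range };
}
```

Two results are worth keeping in mind. With single bytes and a 94-character alphabet (256 = 2 x 94 + 68), the first 68 characters are 1.5 times as likely as the rest under naive modulo, and rejection sampling would discard over a quarter of the draws. With 32-bit words (2^32 = 94 x 45691141 + 42) the naive skew is about 2 parts in 10^8 and only 42 of every 2^32 draws are rejected, which is why drawing Uint32 values rather than bytes is the right choice even though rejection sampling makes both correct.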
What are common uses for generated passwords?
Whenever you need a fresh random secret, this is the tool that keeps the trust surface smallest:
- Password manager imports. Generate 50 strong passwords in one batch, click Copy all, and paste them into your vault's CSV import. The values never round-trip through any server, so there is no leak window between generation and storage. Once on the clipboard they are readable by any local application or clipboard manager until overwritten, so paste them promptly and clear the clipboard afterwards.
- Master passphrases. Switch to passphrase mode, choose 6 or 7 words, optionally capitalize each word, and you have a high-entropy string you can remember without writing it down. Six words give about 62 bits of entropy, well above the bar for online guessing attacks. Capitalizing every word is a convention an attacker can assume, so the 62 bits come from the word choices alone.
- API keys and tokens in side projects. Need a one-off shared secret for a webhook signing key or a development database password? Generate a 32-character symbol-rich string here (about 210 bits from the full 94-character alphabet), copy it once, and the only place it ever existed is your local browser tab; it never crosses the wire.
What does an example generated password look like?
Set the length to 16, leave all four character classes enabled, and click Generate. The charset has 26 + 26 + 10 + 32 = 94 characters, so each generated character carries log2(94) ≈ 6.55 bits of entropy. Sixteen characters come to about 104.9 bits, well above the 'very strong' threshold of 80 bits and infeasible to brute-force with current hardware. Now flip to passphrase mode and choose 5 words with the default hyphen separator: cocktail-sprig-aspect-magenta-tonic carries log2(1296) x 5 ≈ 51.7 bits. Easy to remember, typeable, and stronger than a typical human-chosen password.
Generate, copy, move on. No server ever sees the result, the password never leaves your tab, and the entropy is computed from first principles. That is the whole promise.