人人都知道,，記密碼令人痛苦?，F(xiàn)在的系統(tǒng)很糟糕,，因為它要求用戶記住登錄幾十個不同網(wǎng)站所需的字母、數(shù)字和字符的奇怪排列,，例如“Mercede$7”,。

這是個問題，因為（1）一般人難以記住包含數(shù)字和符號的奇怪密碼（2）黑客們往往能猜到一些我們經(jīng)常加入密碼的字母和字符（例如用$取代S）,，這讓他們更容易破解我們的密碼,。

好消息是，現(xiàn)在有了另一種辦法,。它依靠所謂的“口令句”,，更長一些，但是記起來要容易得多,。

例如,，用戶不用把密碼設(shè)置成類似Mercede$7這樣，而是變成iwanttodriveaMercedesthroughthestreetsofBerlin（我想在柏林的大街上開梅賽德斯）,。

長密碼更安全,，原因很簡單，它的變量更多,?！度A盛頓郵報》報道稱，這種做法得到了學(xué)術(shù)研究的支持：

卡耐基梅隆大學(xué)（Carnegie Mellon University）的一系列研究證實,，口令句在網(wǎng)絡(luò)安全方面非常有效,，因為黑客程序會因為密碼長度帶來的隨機性而放棄。對于計算機來說,，詩句或簡單句子的破解難度同樣很高,。更好的是，人們還不太容易忘記它們,。

在創(chuàng)建口令句時,，人們可以想一個怪誕的場景，甚至是一個讓人惱火的短語,。另一方面,，用流行歌詞或詩歌不是個好主意，因為黑客采用“暴力破解”的手段猜測密碼時,，會首先試用它們,。

當(dāng)然，有個問題在于,，許多網(wǎng)站和機構(gòu)仍在要求用戶利用數(shù)字和符號創(chuàng)建討厭的短密碼,，而不支持口令句，后者的長度通常為16至64個字符,。

不過正如《華爾街日報》報道,，好消息是,，隨著學(xué)術(shù)支持的增加，越來越多的機構(gòu)甚至政府部門,，都開始意識到使用口令句更加明智,。

從更大的角度上看，密碼作為一種安全功能,，被淘汰只是時間問題,。許多專家相信，密碼終究會被一系列生物識別技術(shù),，例如指紋識別,、虹膜掃描甚至體溫探測等取代。不過,，生物識別技術(shù)也有它們的局限性。

但是與此同時,，更多消費者能夠有機會把那些惱人的密碼換成他們真正能記住的一些東西了,。（財富中文網(wǎng)）

譯者：嚴匡正

Everyone knows passwords are a pain. The current system is broken because it asks users to remember a weird jumble of letters, numbers, and special characters—say “Mercede$7″—for dozens of different websites.

This is a problem because: 1) normal people struggle to recall weird words that contain numbers and symbols; and 2) hackers can often anticipate the common way we add a single letter or character (such as $ for “S”) to a password, making it easier to guess.

The good news is there’s another approach. It relies on so-called “passphrases,” which are longer but much easier to remember.

For instance, instead of Mercede$7, a user can create something like:iwanttodriveaMercedesthroughthestreetsofBerlin

The longer password is effective for the simple reason that it contains more variables. As the?Washington Postreports, the practice is getting support from academic research:

A series of studies from Carnegie Mellon University confirmed that passphrases are just as good at online security because hacking programs are thrown off by length nearly as easily as randomness. To a computer, poetry or simple sentences can be just as hard to crack. Even better: People are less likely to forget them.

To create a passphrase, people should think of a whimsical situation or even a phrase invoking a pet peeve. On the other hand, it’s not a good idea to use popular song lyrics or pieces of poetry because it’s more likely hackers will try those first in any effort to “brute force” guess the password.

One catch, of course, is that many websites or organizations still prompt users to create the annoying, shorter passwords based on numbers and symbols—and may not allow passphrases, which are typically 16 to 64 characters long.

But the good news, as the?Post?reports, is that more institutions, even government ones, are coming around to the wisdom of passphrases as academic support from the grows.

In the bigger picture, passwords as a security features are on borrowed time. Many experts believe, in the long run, passwords will come to replaced with a host of?biometric identifiers?such as fingerprints, iris scans, or even body heat. Nevertheless, biometrics havelimitations of their own.

But in the meantime, more consumers will get the opportunity to replace all those irritating passwords with something they might actually remember.