人人都知道，記密碼令人痛苦?，F(xiàn)在的系統(tǒng)很糟糕,，因?yàn)樗笥脩粲涀〉卿泿资畟€(gè)不同網(wǎng)站所需的字母、數(shù)字和字符的奇怪排列,，例如“Mercede$7”,。

這是個(gè)問題，因?yàn)椋?）一般人難以記住包含數(shù)字和符號(hào)的奇怪密碼（2）黑客們往往能猜到一些我們經(jīng)常加入密碼的字母和字符（例如用$取代S）,，這讓他們更容易破解我們的密碼,。

好消息是，現(xiàn)在有了另一種辦法,。它依靠所謂的“口令句”,，更長(zhǎng)一些，但是記起來(lái)要容易得多,。

例如,，用戶不用把密碼設(shè)置成類似Mercede$7這樣，而是變成iwanttodriveaMercedesthroughthestreetsofBerlin（我想在柏林的大街上開梅賽德斯）,。

長(zhǎng)密碼更安全,，原因很簡(jiǎn)單，它的變量更多,?！度A盛頓郵報(bào)》報(bào)道稱，這種做法得到了學(xué)術(shù)研究的支持：

卡耐基梅隆大學(xué)（Carnegie Mellon University）的一系列研究證實(shí),，口令句在網(wǎng)絡(luò)安全方面非常有效,，因?yàn)楹诳统绦驎?huì)因?yàn)槊艽a長(zhǎng)度帶來(lái)的隨機(jī)性而放棄。對(duì)于計(jì)算機(jī)來(lái)說(shuō),，詩(shī)句或簡(jiǎn)單句子的破解難度同樣很高,。更好的是，人們還不太容易忘記它們,。

在創(chuàng)建口令句時(shí),，人們可以想一個(gè)怪誕的場(chǎng)景，甚至是一個(gè)讓人惱火的短語(yǔ),。另一方面,，用流行歌詞或詩(shī)歌不是個(gè)好主意，因?yàn)楹诳筒捎谩氨┝ζ平狻钡氖侄尾聹y(cè)密碼時(shí),，會(huì)首先試用它們,。

當(dāng)然，有個(gè)問題在于，許多網(wǎng)站和機(jī)構(gòu)仍在要求用戶利用數(shù)字和符號(hào)創(chuàng)建討厭的短密碼,，而不支持口令句,，后者的長(zhǎng)度通常為16至64個(gè)字符。

不過正如《華爾街日?qǐng)?bào)》報(bào)道,，好消息是,，隨著學(xué)術(shù)支持的增加，越來(lái)越多的機(jī)構(gòu)甚至政府部門,，都開始意識(shí)到使用口令句更加明智,。

從更大的角度上看，密碼作為一種安全功能,，被淘汰只是時(shí)間問題,。許多專家相信，密碼終究會(huì)被一系列生物識(shí)別技術(shù),，例如指紋識(shí)別,、虹膜掃描甚至體溫探測(cè)等取代。不過,，生物識(shí)別技術(shù)也有它們的局限性,。

但是與此同時(shí)，更多消費(fèi)者能夠有機(jī)會(huì)把那些惱人的密碼換成他們真正能記住的一些東西了,。（財(cái)富中文網(wǎng)）

譯者：嚴(yán)匡正

Everyone knows passwords are a pain. The current system is broken because it asks users to remember a weird jumble of letters, numbers, and special characters—say “Mercede$7″—for dozens of different websites.

This is a problem because: 1) normal people struggle to recall weird words that contain numbers and symbols; and 2) hackers can often anticipate the common way we add a single letter or character (such as $ for “S”) to a password, making it easier to guess.

The good news is there’s another approach. It relies on so-called “passphrases,” which are longer but much easier to remember.

For instance, instead of Mercede$7, a user can create something like:iwanttodriveaMercedesthroughthestreetsofBerlin

The longer password is effective for the simple reason that it contains more variables. As the?Washington Postreports, the practice is getting support from academic research:

A series of studies from Carnegie Mellon University confirmed that passphrases are just as good at online security because hacking programs are thrown off by length nearly as easily as randomness. To a computer, poetry or simple sentences can be just as hard to crack. Even better: People are less likely to forget them.

To create a passphrase, people should think of a whimsical situation or even a phrase invoking a pet peeve. On the other hand, it’s not a good idea to use popular song lyrics or pieces of poetry because it’s more likely hackers will try those first in any effort to “brute force” guess the password.

One catch, of course, is that many websites or organizations still prompt users to create the annoying, shorter passwords based on numbers and symbols—and may not allow passphrases, which are typically 16 to 64 characters long.

But the good news, as the?Post?reports, is that more institutions, even government ones, are coming around to the wisdom of passphrases as academic support from the grows.

In the bigger picture, passwords as a security features are on borrowed time. Many experts believe, in the long run, passwords will come to replaced with a host of?biometric identifiers?such as fingerprints, iris scans, or even body heat. Nevertheless, biometrics havelimitations of their own.

But in the meantime, more consumers will get the opportunity to replace all those irritating passwords with something they might actually remember.