{"id":16499,"date":"2023-12-07T13:23:27","date_gmt":"2023-12-07T10:23:27","guid":{"rendered":"https:\/\/authtake.com\/?p=16499"},"modified":"2023-12-08T12:32:12","modified_gmt":"2023-12-08T09:32:12","slug":"problems-created-by-password-managers-and-the-safest-way-of-authentication-passwordless-authentication","status":"publish","type":"post","link":"https:\/\/authtake.com\/tr\/problems-created-by-password-managers-and-the-safest-way-of-authentication-passwordless-authentication\/","title":{"rendered":"Parola Y\u00f6neticilerinin Yaratt\u0131\u011f\u0131 Sorunlar ve Kimlik Do\u011frulaman\u0131n En G\u00fcvenli Yolu: Parolas\u0131z Kimlik Do\u011frulama"},"content":{"rendered":"
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

<\/p>\n

Parolalarla ya\u015fanan k\u00fc\u00e7\u00fck \u00e7apl\u0131 sava\u015flar, unutulan parolalardan sonra ge\u00e7irilen sinir krizleri ve yeni parola \u00fcretmekte zorlanan beyinlerimiz bize sonunda \u015funu s\u00f6yletti: \u201cYard\u0131m edin!\u201d Ve birileri sesimizi duymu\u015f olacak ki \u201cParola Y\u00f6neticisi\u201d kavram\u0131 ortaya \u00e7\u0131kt\u0131. Fakat d\u00f6n\u00fcp bakt\u0131\u011f\u0131m\u0131zda bu mekanizman\u0131n ilk yard\u0131m \u00e7antas\u0131ndaki yara band\u0131ndan farkl\u0131 olmad\u0131\u011f\u0131n\u0131 anlamam\u0131z \u00e7ok zaman almad\u0131. Yap\u0131lan ilk m\u00fcdahaleler genellikle iyi hissettirir. Parola y\u00f6neticileri de parolalarda bo\u011fulmu\u015f kullan\u0131c\u0131lar\u0131n yard\u0131m \u00e7\u0131\u011fl\u0131klar\u0131na yeti\u015fen ilk m\u00fcdahaleler oldu\u011fundan o anl\u0131k iyi hissettirdi fakat uzun vadede ihtiya\u00e7lar\u0131 kar\u015f\u0131lamada tabii ki yetersiz kald\u0131. Bir sonraki a\u015famada profesyonel bir tedavi s\u00fcreci vard\u0131\u2026 \u2018Parolas\u0131z Kimlik Do\u011frulama\u2019<\/p>\n

\u00a0<\/p>\n

Parola Y\u00f6neticilerinin Sorunlar\u0131<\/strong><\/p>\n

\u00a0<\/strong><\/p>\n

Bir\u00e7ok sistem ve uygulaman\u0131n gerektirdi\u011fi say\u0131s\u0131z \u015fifre, parola y\u00f6neticisi uygulamalar taraf\u0131ndan tarand\u0131, kaydedildi ve sizin i\u00e7in otomatik doldurulabilir hale geldi. Bir uygulamaya girdi\u011finizde parolan\u0131z\u0131n otomatik olarak doldurulmas\u0131 sizi o anda rahatlatan bir uygulama gibi g\u00f6r\u00fcnse de ana parolay\u0131 unutman\u0131z halinde \u00e7ok daha b\u00fcy\u00fck bir sorunla kar\u015f\u0131la\u015faca\u011f\u0131n\u0131z\u0131 hat\u0131rlatmak isteriz. Birbirine ba\u011fl\u0131 sistemleri y\u00f6neten tek bir parolan\u0131n olmas\u0131, di\u011fer hesap ve ki\u015fisel bilgilerin de risk alt\u0131nda olabilece\u011finin bir g\u00f6stergesi. Bu riske y\u00f6nelik \u00f6nlemler birden fazla hesab\u0131n \u015fifresine sahip y\u00f6netici sistemler i\u00e7in tabii ki al\u0131n\u0131yor fakat tek sorun bununla kalm\u0131yor.<\/p>\n

\u00a0<\/p>\n

Parola y\u00f6netici sistemlerin g\u00fcvenlik a\u00e7\u0131klar\u0131 sebebiyle \u015fifrelerinizin kaydedildi\u011fi ortamlara k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n y\u00fcklenmesi, hackerlar\u0131n parolalar\u0131n\u0131za eri\u015fmesine sebep olabilir. S\u00f6z konusu uygulamalar pop\u00fclerle\u015ftik\u00e7e bu hizmeti sa\u011flayan \u015firketlerde g\u00f6zle g\u00f6r\u00fcl\u00fcr bir art\u0131\u015f oldu ve hangisinin ger\u00e7ekten g\u00fcvenilir politikalarla i\u015fledi\u011fini se\u00e7mek zorla\u015ft\u0131.<\/p>\n

\u00a0<\/p>\n

Ek olarak, parola y\u00f6neticilerinin kullan\u0131c\u0131lardan ek bir kimlik do\u011frulama talep etmemesi, \u00e7evrimi\u00e7i kimlik h\u0131rs\u0131zl\u0131\u011f\u0131na zemin haz\u0131rlad\u0131. Tahmin edilebilir parolalar veya daha \u00f6nce ele ge\u00e7irilmi\u015f \u015fifrelerin tekrar kullan\u0131lmas\u0131, ikinci bir do\u011frulamaya tabi tutulmayan k\u00f6t\u00fc niyetli ki\u015filerin i\u015fini kolayla\u015ft\u0131rd\u0131.<\/p>\n

\u00a0<\/p>\n

Otomatik doldurma se\u00e7ene\u011fi size yapaca\u011f\u0131n\u0131z giri\u015flerde h\u0131z kazand\u0131r\u0131yor, biliyoruz. Fakat ya kontrol\u00fcn\u00fczde olmayan siteler bu \u00f6zellikten yararlan\u0131rsa? Bu durumda parola y\u00f6neticilerinin en b\u00fcy\u00fck avantaj\u0131, aniden bir dezavantaja d\u00f6n\u00fc\u015f\u00fcyor.<\/p>\n

\u00a0<\/p>\n

Hem H\u0131zl\u0131 Hem G\u00fcvenilir: Parolas\u0131z Kimlik Do\u011frulama<\/strong><\/p>\n

\u00a0<\/strong><\/p>\n

Yukar\u0131da s\u00f6z\u00fcn\u00fc etti\u011fimiz pek \u00e7ok sorun, sistem ve uygulamalara giri\u015flerde hala parolalar\u0131n kullan\u0131lmas\u0131yla ortaya \u00e7\u0131k\u0131yor. Unutmas\u0131 veya s\u00fcrekli kar\u0131\u015ft\u0131r\u0131lmas\u0131 sebebiyle bir karga\u015faya sebep olan parolal\u0131 giri\u015flere \u00e7\u00f6z\u00fcm olarak sunulan parola y\u00f6neticileri ise size sa\u011flad\u0131\u011f\u0131 kolayl\u0131\u011f\u0131n yan\u0131nda pek \u00e7ok risk ta\u015f\u0131yor. Bu sebeple Parolas\u0131z Kimlik Do\u011frulama, g\u00fcn\u00fcm\u00fcz teknolojisinden yararlanarak kendimizi garantiye alabilece\u011fimiz tek y\u00f6ntem. Bu se\u00e7enekte public\/private anahtar \u00e7iftlerinden olu\u015fan Public-Key Cryptography (PKC) altyap\u0131s\u0131n\u0131 kullan\u0131rken FIDO deste\u011fiyle s\u00fcreci en g\u00fcvenilir hale getiriyoruz.<\/p>\n

\u00a0<\/p>\n

Parolas\u0131z Kimlik Do\u011frulama, anl\u0131k bildirimler, QR kod, tek kullan\u0131ml\u0131k parola ve biyometrik veriler gibi sadece sizin taraf\u0131n\u0131zdan sa\u011flanabilecek bilgilerle ger\u00e7ekle\u015fiyor. Bu sayede kimlik ve veri h\u0131rs\u0131zl\u0131klar\u0131n\u0131n \u00f6n\u00fcne ge\u00e7iyor. AuthTake\u2019in Parolas\u0131z Kimlik Do\u011frulama y\u00f6ntemini daha g\u00fcvenli k\u0131lmak i\u00e7in ald\u0131\u011f\u0131 farkl\u0131 \u00f6nlemler de var. \u00d6rne\u011fin uzaktan kilitleme \u00f6zelli\u011fiyle oldu\u011funuz yerden ba\u011f\u0131ms\u0131z bir \u015fekilde verilerinizi koruyabilirsiniz. Oturumunuzun uzun s\u00fcre a\u00e7\u0131k kald\u0131\u011f\u0131 durumlarda ise bir alarmla uyar\u0131 alarak m\u00fcdahale etme \u015fans\u0131 yakalayabilirsiniz. Sniffing, MITM gibi verilerinizi ele ge\u00e7irmeyi ama\u00e7layan sald\u0131r\u0131lara y\u00f6nelik mobil uygulamadan kullan\u0131c\u0131 do\u011frulama i\u015fleminin ba\u015flat\u0131lmas\u0131 sayesinde, bu sald\u0131r\u0131lar\u0131n ba\u015far\u0131yla engellendi\u011fini g\u00f6zlemlersiniz. Ayn\u0131 zamanda AuthTake Parolas\u0131z Kimlik Do\u011frulama, \u00e7evrimd\u0131\u015f\u0131 modu sayesinde sisteme ba\u011fl\u0131 de\u011filken bile PIN kullanarak eri\u015fiminize olanak tan\u0131r.<\/p>\n

\u00a0<\/p>\n

Parola y\u00f6neticilerinin sa\u011flad\u0131\u011f\u0131 kolayl\u0131\u011fa al\u0131\u015fm\u0131\u015f olsan\u0131z da kimlik ve veri g\u00fcvenli\u011finiz i\u00e7in her zaman daha iyi bir y\u00f6ntemin oldu\u011funu sizlere hat\u0131rlatmak isteriz. Sorunlardan ve risklerden uzakta, sadece sizin taraf\u0131n\u0131zdan sa\u011flanabilecek bilgilerle yapaca\u011f\u0131n\u0131z parolas\u0131z giri\u015flerin ayn\u0131 zamanda olduk\u00e7a h\u0131zl\u0131 ve pratik oldu\u011funu da unutmamak gerek\u2026<\/p>\n

\u00a0<\/p>\n

Parolas\u0131z Kimlik Do\u011frulama y\u00f6nteminin avantajlar\u0131n\u0131 ve kullan\u0131m kolayl\u0131\u011f\u0131n\u0131 AuthTake ile deneyimleyebilirsiniz.<\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\tBize Ula\u015f\u0131n<\/span>\n\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

Small-scale battles with passwords, nervous breakdowns after forgotten passwords, and our brains struggling to come up with new passwords finally got us to say: “Help!” And someone must have heard our voices because the concept of “Password Manager” was born. But it didn’t take us long to realize that this mechanism was no different from a band-aid in a first aid kit. First interventions usually feel good. Password managers were first responders to the cries for help from users drowning in passwords, which felt good at the time, but of course fell short of meeting long-term needs. The next step was a professional treatment process\u2026 Passwordless authentication! \u00a0 Problems of Password Managers \u00a0 The countless passwords required by many systems and applications have been scanned by password manager applications, saved and become autofillable for you. Although automatically filling in your password when you enter an application may seem like a comforting application, we would like to remind you that you will face a much bigger problem if you forget your master password. Having a single password managing interconnected systems is an indication that other accounts and personal information may also be at risk. Precautions against this risk are of course taken for admin systems with passwords for multiple accounts, but this is not the only problem. \u00a0 Due to security vulnerabilities in password management systems, installing malware on the media where your passwords are saved may cause hackers to access your passwords. As the application in question has become more and more popular, there has been a noticeable increase in companies providing this service, and it has become difficult to choose which one operates with truly reliable policies. \u00a0 In addition, password managers do not require additional authentication from users, paving the way for online identity theft. Predictable passwords or the reuse of previously compromised passwords made it easier for malicious actors who were not subjected to a second verification. \u00a0 We know that the auto-fill option gives you speed in your logins. But what if sites you don’t control take advantage of this feature? Technically, your passwords cannot be entered automatically on sites organized for phishing, but new software developed for cyberattacks now eliminates many impossible possibilities. In this situation, the biggest advantage of password managers suddenly becomes a disadvantage. \u00a0 Both Fast and Reliable: Passwordless Authentication \u00a0 Many of the problems that we mentioned above are caused by still using passwords to log into systems and applications. Password managers, which are offered as a solution to password logins that cause chaos due to being forgotten or constantly mixed up, carry many risks as well as the convenience they provide you. For this reason, Passwordless Authentication is the only method we can guarantee ourselves by taking advantage of today’s technology. In this option, we use Public-Key Cryptography (PKC) infrastructure consisting of public\/private key pairs, and we make the process the most reliable with FIDO support. \u00a0 Passwordless Authentication takes place with information that can only be provided by you, such as push notifications, QR code, one-time password and biometric data. This prevents identity and data theft. There are also different measures taken by AuthTake to make the Passwordless Authentication method more secure. For example, you can protect your data regardless of where you are with remote locking. In cases where your session remains open for a long time, you can get a chance to intervene by receiving an alarm. By initiating the user authentication process from the mobile application against attacks that aim to capture your data, such as Sniffing and MITM, you will observe that these attacks are successfully blocked. At the same time, AuthTake Passwordless Authentication allows you to access using a PIN even when you are not connected to the system thanks to its offline mode. \u00a0 Even though you may have gotten used to the convenience provided by password managers, we would like to remind you that there is always a better method for your identity and data security. It shouldn\u2019t be forgotten that passwordless logins, which you can make with the information that can only be provided by you, away from problems and risks, are also very fast and practical… \u00a0 You can experience the advantages and ease of use of the Passwordless Authentication method for free for 30 days with AuthTake. \u00a0 \u00a0 Contact Us<\/p>","protected":false},"author":1,"featured_media":16507,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[45],"tags":[],"_links":{"self":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts\/16499"}],"collection":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/comments?post=16499"}],"version-history":[{"count":11,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts\/16499\/revisions"}],"predecessor-version":[{"id":16512,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/posts\/16499\/revisions\/16512"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/media\/16507"}],"wp:attachment":[{"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/media?parent=16499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/categories?post=16499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/authtake.com\/tr\/wp-json\/wp\/v2\/tags?post=16499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}