This site uses cookies.
Some of these cookies are essential to the operation of the site,
while others help to improve your experience by providing insights into how the site is being used.
For more information, please see the ProZ.com privacy policy.
This person has a SecurePRO™ card. Because this person is not a ProZ.com Plus subscriber, to view his or her SecurePRO™ card you must be a ProZ.com Business member or Plus subscriber.
Affiliations
This person is not affiliated with any business or Blue Board record at ProZ.com.
Services
Translation, Interpreting, Website localization, Software localization, Subtitling, Transcription, Training
Expertise
Specializes in:
Computers (general)
Computers: Software
Computers: Systems, Networks
Computers: Hardware
Also works in:
Telecom(munications)
Electronics / Elect Eng
IT (Information Technology)
More
Less
Rates
Payment methods accepted
PayPal
Portfolio
Sample translations submitted: 1
English to Spanish: Passwords General field: Tech/Engineering Detailed field: Computers: Systems, Networks
Source text - English Users re-use passwords for multiple services.
If an attacker gains access to one server and can gain a list of passwords, he may be able to use this password to attack other services.
Therefore, only password hashes may be stored.
Secure hashing algorithms are easy to use in most languages and ensure the original password cannot be easily recovered and that wrong passwords are not falsely accepted.
Adding salts to the password hashes prevents the use of rainbow tables and significantly slows down brute-force attempts.
Strengthening slows both off-line brute-force attacks against stolen hashes and on-line brute-force in case the rate limiting fails.
However, it increases CPU load on the server and would open a vector for DDoS attacks if not prevented with login attempt limiting.
A good strengthening can slow down off-line brute-force attacks down by a factor of 10000 or more.
Limiting login attempts is necessary to prevent on-line brute-force attacks and DoS via the CPU usage of the password strengthening procedure.
Without a limit, an attacker can try a very large number of passwords directly against the server.
Assuming 100 attempts per second, which is reasonable for a normal web server, no significant strengthening and an attacker working with multiple threads, this would result in 259,200,000 passwords tried in a single month!
Not enforcing any password policies will lead to too many users choosing “123456”, “qwerty” or “password” as their password, opening the system up for attack.
Enforcing too strict password policies will force users to save passwords or write them down, generally annoy them and foster re-using the same password for all services.
Furthermore, users using secure passwords not matching the policies may be forced to use passwords which are harder to remember, but not necessarily secure.
A password consisting of 5 concatenated, randomly (!) chosen lowercase dictionary words is significantly more secure than an eight-character password consisting of mixed case letters, numbers and punctuation.
Take this into account if you do not get a password policy to implement, but have to design your own.
Translation - Spanish Los usuarios re-usan para múltiples servicios.
si un atacante gana acceso a un servidor y puede ganar una lista de contraseñas, el quizás sea capaz esta contraseña para atacar otros servicios.
por lo tanto, solo numerales como contraseña serán almacenados.los algoritmos de hash seguros son fáciles de usar in la mayoría de las lenguas y aseguran que la contraseña original no pueda ser fácilmente recuperada y que las contraseñas equivocadas no sean fácilmente aceptadas.
Agregando saltos a las contraseñas de hashes previene el uso de tablas arco iris y baja significativamente los intentos de fuerza bruta.
Fortaleciendo relentiza tanto ataques de fuerza bruta fuera de línea contra hashes robados y fuerza bruta en línea en caso que el intervalo limitador falle.
Sin embargo, esto incrementa la carga de la CPU en el servidor y abriría un vector para ataques de DDoS si no está prevenido con limitadores de intentos de acceso.
Un buen fortalecimiento puede ralentizar tanto ataques de fuerza bruta fuera de línea por un factor de 10000 o más.
Limitar los intentos de inicio de sesión es necesario para prevenir ataques en línea de fuerza bruta y DoS a través del uso de la CPU del procedimiento de fortalecimiento de la contraseña.
Sin un límite, un atacante puede intentar un gran número de contraseñas directamente contra el servidor.
Asumiendo 100 intentos por segundo, lo cual es razonable para un servidor web normal, un fortalecimiento no significativo y un atacante trabajando con múltiples amenazas, esto resultaría en 259,200,000 contraseñas intentadas en un solo mes!
No aplicar cualquier política de contraseñas llevará a demasiados usuarios a escoger "123456", "qwerty" o "contraseña" como su contraseña. abriendo el sistema para un ataque.
Aplicar políticas demasiado estrictas forzará a los usuarios a guardar contraseñas o escribirlas, generalmente molestándolos y fomenta reutilizar la misma contraseña para todos los servicios.
Además, los usuarios que usen contraseñas que no coincidan con las políticas de seguridad pueden verse forzados a usar contraseñas las cuales son mas difíciles de recordar, pero no sean sean necesariamente seguras.
Una contraseña que consista de 5 concatenadas, aleatoriamente (!) palabras elegidas del diccionario en minúsculas es significativamente más seguro que una contraseña de ocho caracteres consistiendo de letras,números y puntuaciones combinadas.
toma esto en cuenta si no obtiene una política de contraseña para implementar, pero tiene que diseñar la suya propia.
More
Less
Translation education
Graduate diploma - Universidad del Atlantico
Experience
Years of experience: 7. Registered at ProZ.com: May 2017.
Adobe Acrobat, Google Translator Toolkit, Idiom, Microsoft Excel, Microsoft Office Pro, Microsoft Word, Powerpoint, Translation Workspace
CV/Resume
CV available upon request
Bio
I am a computer technician with 5 years experience, currently I'm studying electronic engineering. I have some experience in tech support of tv, internet and phone service due to I worked for an american company which provides those services, which makes me have some knowledge about comunications and technology in general. Also I like to read about music, technology, movies in general as a hobby.