This site uses cookies.
Some of these cookies are essential to the operation of the site,
while others help to improve your experience by providing insights into how the site is being used.
For more information, please see the ProZ.com privacy policy.
Freelance translator and/or interpreter, Verified site user
Data security
This person has a SecurePRO™ card. Because this person is not a ProZ.com Plus subscriber, to view his or her SecurePRO™ card you must be a ProZ.com Business member or Plus subscriber.
Affiliations
This person is not affiliated with any business or Blue Board record at ProZ.com.
English to Portuguese: Users re-use passwords for multiple services. General field: Tech/Engineering Detailed field: IT (Information Technology)
Source text - English Users re-use passwords for multiple services.
If an attacker gains access to one server and can gain a list of passwords, he may be able to use this password to attack other services.
Therefore, only password hashes may be stored.
Secure hashing algorithms are easy to use in most languages and ensure the original password cannot be easily recovered and that wrong passwords are not falsely accepted.
Adding salts to the password hashes prevents the use of rainbow tables and significantly slows down brute-force attempts.
Strengthening slows both off-line brute-force attacks against stolen hashes and on-line brute-force in case the rate limiting fails.
However, it increases CPU load on the server and would open a vector for DDoS attacks if not prevented with login attempt limiting.
A good strengthening can slow down off-line brute-force attacks down by a factor of 10000 or more.
Limiting login attempts is necessary to prevent on-line brute-force attacks and DoS via the CPU usage of the password strengthening procedure.
Without a limit, an attacker can try a very large number of passwords directly against the server.
Assuming 100 attempts per second, which is reasonable for a normal web server, no significant strengthening and an attacker working with multiple threads, this would result in 259,200,000 passwords tried in a single month!
Not enforcing any password policies will lead to too many users choosing “123456”, “qwerty” or “password” as their password, opening the system up for attack.
Enforcing too strict password policies will force users to save passwords or write them down, generally annoy them and foster re-using the same password for all services.
Furthermore, users using secure passwords not matching the policies may be forced to use passwords which are harder to remember, but not necessarily secure.
A password consisting of 5 concatenated, randomly (!) chosen lowercase dictionary words is significantly more secure than an eight-character password consisting of mixed case letters, numbers and punctuation.
Take this into account if you do not get a password policy to implement, but have to design your own.
Translation - Portuguese Usuários reutilizam senhas para serviços diversos.
Se um hacker consegue acesso a um servidor e pode conseguir uma lista de senhas, ele pode utilizar essa senha para atacar outros serviços.
Portanto, somente hashes de senha devem ser armazenados.
Algoritmos seguros de hash são fáceis de utilizar na maior parte das linguagens e assegura que a senha original não possa ser facilmente recuperada, e que senhas incorretas não sejam aceitas de forma falsa.
Adicionar sal aos hashes de senha previne o uso de rainbow tables e diminui significativamente tentativas de ataque de força bruta.
O fortalecimento reduz tanto ataques de força bruta offline contra hashes roubados, quanto força bruta online caso o limite de tráfego falhe.
Entretanto, isso aumenta a carga da CPU no servidor e abriria um vetor para ataques DDoS, caso não fosse prevenido com um limite de tentativas de login.
Um bom fortalecimento pode reduzir ataques de força bruta offline em cerca de 10.000 vezes ou mais.
É necessário limitar as tentativas de login para impedir ataques de força bruta online e DoS, através do uso da CPU do procedimento de fortalecimento de senha.
Sem um limite, um hacker pode tentar um número muito grande de senhas diretamente contra o servidor.
Supondo que fossem 100 tentativas por segundo, o que é razoável para um servidor web comum, sem um fortalecimento significativo e um hacker trabalhando com múltiplos threads, isso resultaria em 259.200.000 de senhas testadas em um único mês!
Não aplicar nenhuma política de senhas levará muitos usuários a escolher "123456", "qwerty" ou "senha" como suas senhas, abrindo o sistema para ataques.
Aplicar uma política de senha muito rígida forçará os usuários a salvar suas senhas ou escrevê-las em algum lugar, geralmente os irritando e estimulando a reutilização da mesma senha para todos os serviços.
Além disso, usuários utilizando senhas que não se enquadram nas políticas podem ser forçados a utilizar senhas mais difíceis de se lembrar, mas que não são necessariamente seguras.
Uma senha que consista em 5 palavras do dicionário encadeadas, escolhidas aleatoriamente (!) é significativamente mais segura do que uma senha de oito caracteres que consiste em letras maiúsculas e minúsculas, números e pontuações.
Leve isso em consideração caso não tenha uma política de senha para implementar, mas tenha que criar a sua própria.
More
Less
New! Video portfolio:
More
Less
Translation education
Bachelor's degree - Universidade Federal da Bahia
Experience
Years of experience: 4. Registered at ProZ.com: Jul 2019.
Language is not a barrier, it’s a bridge that connects us with the most wonderful minds in the world.
I’m a detail-oriented, creative, and high-skilled English to Brazilian Portuguese Translator and Subtitler. I solve people's linguistic problems and help them achieve their goals by walking them over the language bridge.
I dedicate my academic life to studying Linguistics and Literature. During my undergraduate, I was a member of a Federal University's translation research group, which had the goal to study, analyze and discuss works of African American writers, such as Toni Morrison, Audre Lorde, Langston Hughes, and more. I also taught from basic to advanced general and academic English at several extension programs promoted by the university, such as “Idiomas sem Fronteiras” (Languages Without Borders - a branch from Science Without Borders). Those programs made language learning accessible to the students and the community.
I’m currently finishing my Graduate Degree in Audiovisual Translation and preparing myself to take a Master’s Degree in Translation as well.
My areas of interest are Audiovisual, Subtitling for the Deaf and Hard-of-Hearing (SDH), Video Games, UI / UX Design, Literature, Languages, Linguistics, Music, Traveling, Education, and Art in general.
I have experience in Subtitling, Captioning, and Transcription in several different areas, the main ones being entertainment (movies and series), training for companies, medicine, oil&gas, music, technology, and religion.
I also have experience in text translation in some different areas, the main ones being literature, mechanics, academics, and technology.
As I volunteer, I’m very proud of being part of the TED Translators, Translators Without Borders, and Coursera GTC Teams.
As a personal interest, I’m really passionate about music. I have deeply studied classical and electric guitar, and I’m now venturing myself with the ukulele. After all, music is also a very beautiful language.
Keywords: professional translator, professional translation, professional localisation, professional localization, translation services, professional translation services, English to Portuguese, English to Brazilian Portuguese, English to Portuguese translation, English to Brazilian Portuguese translation. See more.professional translator, professional translation, professional localisation, professional localization, translation services, professional translation services, English to Portuguese, English to Brazilian Portuguese, English to Portuguese translation, English to Brazilian Portuguese translation, English to Portuguese translation services, English to Brazilian Portuguese translation services, Brazilian market, professional transcription, Brazilian Portuguese transcription, Portuguese transcription, translate scanned PDF, scanned PDF translation, scanned PDF translator, professional website localization, professional website localisation, professional website translation, professional website translator, professional site localization, professional site localisation, professional site translator, professional site translation, scanned text translation, scanned book translation, scanned page translation, scanned pages translation, scanned text translator, scanned book translator, scanned page translator, scanned pages translator, SDL, Trados, Studio, SDL Trados, SDL Studio, Trados Studio, SDL Trados Studio, Amara, Subtitle, Subtitling, Subtitle Workshop, Subtitle Edit, Subtitle Translator. See less.
Expertise