{"id":5502,"date":"2018-12-21T20:15:22","date_gmt":"2018-12-21T17:15:22","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5502"},"modified":"2019-11-15T14:35:08","modified_gmt":"2019-11-15T11:35:08","slug":"never-reuse-passwords-story","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/never-reuse-passwords-story\/5502\/","title":{"rendered":"Neden parolalar\u0131 asla tekrar kullanmamal\u0131s\u0131n\u0131z?"},"content":{"rendered":"

Her \u015fey i\u00e7in tek bir parola kullanmak pratik olsa da g\u00fcvenli de\u011fildir ve tehlikelere yol a\u00e7abilir. Bu duruma \u00f6rnek olarak gen\u00e7 tasar\u0131mc\u0131 Mark’\u0131n ba\u015f\u0131na gelenlere g\u00f6z atal\u0131m.<\/p>\n

Mark s\u0131radan biri. E-posta, Facebook, Instagram, Amazon, eBay, Steam ve Battle.net hesaplar\u0131n\u0131n yan\u0131 s\u0131ra ba\u015fka bir\u00e7ok \u00e7evrimi\u00e7i ma\u011fazada ve en sevdi\u011fi bilgisayar oyunu ile ilgili bir forumda hesab\u0131 var. Bu hesaplar\u0131n tamam\u0131, Mark’\u0131n e-postas\u0131na ba\u011fl\u0131.<\/p>\n

Bir g\u00fcn, Mark’\u0131n da hesab\u0131n\u0131n oldu\u011fu \u00e7evrimi\u00e7i ma\u011fazalardan birinin veri taban\u0131nda s\u0131z\u0131nt\u0131 ya\u015fan\u0131r. G\u00f6r\u00fcn\u00fc\u015fe gere veri taban\u0131 a\u00e7\u0131k eri\u015fim sunucusunda \u015fifrelenmemi\u015f bir \u015fekilde tutulmaktad\u0131r. Veri taban\u0131ndan hi\u00e7bir kredi kart\u0131 bilgisi \u00e7al\u0131nmam\u0131\u015f olsa da e-posta adresleri, kullan\u0131c\u0131lar\u0131n adlar\u0131 ve parolalar\u0131 \u00e7al\u0131n\u0131r. \u0130lk bak\u0131\u015fta endi\u015felenecek bir durum yok gibi g\u00f6r\u00fcn\u00fcr. Bu gibi s\u0131z\u0131nt\u0131lar bir\u00e7ok internet sitesinde ya\u015fanabilir. \u00dcstelik s\u0131z\u0131nt\u0131 k\u00fc\u00e7\u00fck \u00f6l\u00e7ekli bir \u00e7evrimi\u00e7i ma\u011fazada ger\u00e7ekle\u015fmi\u015ftir; s\u0131radan bir ma\u011faza sahibini siber g\u00fcvenlik uzman\u0131 olmad\u0131\u011f\u0131 i\u00e7in su\u00e7layabilir miyiz?<\/p>\n

Fakat veri taban\u0131n\u0131 ele ge\u00e7iren siber su\u00e7lular, belki veri taban\u0131ndaki ki\u015filerden biri ayn\u0131 parolay\u0131 e-posta hesab\u0131nda da kullan\u0131yordur diye \u015fanslar\u0131n\u0131 denemeye karar verir. \u015eanslar\u0131 yaver gider: \u00d6yle ki b\u00fct\u00fcn hesaplar\u0131nda ayn\u0131 parolay\u0131 kullanan Mark, e-posta hesab\u0131na eri\u015fmeleri i\u00e7in gerekli t\u00fcm bilgileri siber su\u00e7lulara alt\u0131n bir tepside sunmu\u015ftur. Siber su\u00e7lular, Mark’\u0131n e-posta hesab\u0131nda yaln\u0131zca Mark’\u0131n Lucy’e g\u00f6nderdi\u011fi foto\u011fraflara de\u011fil, ayn\u0131 zamanda da Amazon, eBay ve di\u011fer \u015firketlerden gelen maillere de ula\u015f\u0131r. Mark di\u011fer hesaplar\u0131 i\u00e7in de ayn\u0131 parolay\u0131 kullanm\u0131\u015f olamaz, de\u011fil mi? Siber su\u00e7lular, Mark’\u0131n Amazon hesab\u0131na da girmeyi dener ve ayn\u0131 parolan\u0131n bu hesapta da kullan\u0131ld\u0131\u011f\u0131n\u0131 g\u00f6r\u00fcr.<\/p>\n

Amazon hesab\u0131nda kay\u0131tl\u0131 bir kredi kart\u0131 oldu\u011funu g\u00f6ren siber su\u00e7lular hemen kendilerine bir \u00e7ift iPhone Xs bulur. Daha sonra Mark’\u0131n Facebook hesab\u0131na giren siber su\u00e7lular, Mark’\u0131n arkada\u015flar\u0131na mesaj g\u00f6ndererek para ister: “Beyler, nakit paraya ihtiyac\u0131m var. Maa\u015f\u0131m yar\u0131n yat\u0131r\u0131lacak, ben size paran\u0131z\u0131 yar\u0131n geri \u00f6derim, s\u00f6z.” Mesaj\u0131 alan ki\u015filerden baz\u0131lar\u0131 Mark’\u0131n yak\u0131n arkada\u015flar\u0131 oldu\u011fu i\u00e7in ger\u00e7ekten de paray\u0131 siber su\u00e7lular\u0131n hesab\u0131na g\u00f6nderir.<\/p>\n

Fakat siber su\u00e7lular bununla da yetinmez. Sald\u0131rganlar, eri\u015febildikleri b\u00fct\u00fcn hesaplar\u0131n parolalar\u0131n\u0131 de\u011fi\u015ftirir. Yani Mark’\u0131n durumunda, hesaplar\u0131n tamam\u0131n\u0131n parolalar\u0131 de\u011fi\u015ftirilmi\u015f olur.<\/p>\n

Mark’\u0131n Facebook arkada\u015flar\u0131ndan birisi kendisine gelen mesajdan \u015f\u00fcphelenerek para isteyen ki\u015finin ger\u00e7ekten o olup olmad\u0131\u011f\u0131n\u0131 \u00f6\u011frenmek i\u00e7in Mark’\u0131 arar. Olanlar\u0131 arkada\u015f\u0131ndan \u00f6\u011frenen Mark, deh\u015fete d\u00fc\u015ferek Facebook parolas\u0131n\u0131 de\u011fi\u015ftirmek i\u00e7in bilgisayar\u0131n\u0131n ba\u015f\u0131na ko\u015far. Fakat parola, sald\u0131rganlar taraf\u0131ndan \u00e7oktan de\u011fi\u015ftirildi\u011fi i\u00e7in Mark hesab\u0131na giremez. Parolas\u0131n\u0131 kurtarmaya \u00e7al\u0131\u015fan Mark, Facebook’tan e-postas\u0131na parola s\u0131f\u0131rlama ba\u011flant\u0131s\u0131n\u0131 g\u00f6ndermesini ister ancak e-posta hesab\u0131n\u0131n parolas\u0131 da s\u0131f\u0131rland\u0131\u011f\u0131 i\u00e7in e-posta hesab\u0131na da giremez.<\/p>\n

Hesaplar\u0131na eri\u015femeyen Mark, ger\u00e7ekten hacklendi\u011fini anlar. Bankay\u0131 aray\u0131p kredi kartlar\u0131n\u0131 dondurur, umutsuz bir \u015fekilde hen\u00fcz hacklenmemi\u015f birka\u00e7 hesab\u0131n\u0131n parolas\u0131n\u0131 de\u011fi\u015ftirmeyi dener ve arkada\u015flar\u0131n\u0131 arayarak para isteyenin kendisi olmad\u0131\u011f\u0131n\u0131 s\u00f6yler. Paray\u0131 \u00e7oktan sald\u0131rganlara g\u00f6nderen arkada\u015flar\u0131ndan \u00f6z\u00fcr dileyip paralar\u0131n\u0131 geri \u00f6deyece\u011fine dair s\u00f6z verir.<\/p>\n

Sonu\u00e7 olarak Mark, bir daha farkl\u0131 hesaplar i\u00e7in ayn\u0131 parolay\u0131 kullanmayaca\u011f\u0131 ve m\u00fcmk\u00fcn olan her yerde iki fakt\u00f6rl\u00fc kimlik do\u011frulama kullanaca\u011f\u0131 konusunda kendisine s\u00f6z verir.<\/p>\n\n","protected":false},"excerpt":{"rendered":"

Her \u015fey i\u00e7in tek bir parola kullanmak pratik olsa da g\u00fcvenli de\u011fildir ve tehlikelere yol a\u00e7abilir. Bu duruma \u00f6rnek olarak gen\u00e7 tasar\u0131mc\u0131 Mark’\u0131n ba\u015f\u0131na gelenlere g\u00f6z atal\u0131m.<\/p>\n","protected":false},"author":675,"featured_media":5503,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1284],"tags":[1624,1790,1791,519,1525,1789,405,1792],"class_list":{"0":"post-5502","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tips","8":"tag-2fa","9":"tag-hikaye","10":"tag-iki-adimlu-dogrulama","11":"tag-ipuclari-2","12":"tag-parolalar","13":"tag-parolar-yoneticisi","14":"tag-password-manager","15":"tag-vasya"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/never-reuse-passwords-story\/5502\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/never-reuse-passwords-story\/14742\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/never-reuse-passwords-story\/12348\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/never-reuse-passwords-story\/6104\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/never-reuse-passwords-story\/16660\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/never-reuse-passwords-story\/14850\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/never-reuse-passwords-story\/13833\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/never-reuse-passwords-story\/17467\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/never-reuse-passwords-story\/16666\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/never-reuse-passwords-story\/21823\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/never-reuse-passwords-story\/24808\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/never-reuse-passwords-story\/11225\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/never-reuse-passwords-story\/10115\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/never-reuse-passwords-story\/18188\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/never-reuse-passwords-story\/22110\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/never-reuse-passwords-story\/23741\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/never-reuse-passwords-story\/17712\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/never-reuse-passwords-story\/21592\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/never-reuse-passwords-story\/21591\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/parolalar\/","name":"parolalar"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5502","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/675"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5502"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5502\/revisions"}],"predecessor-version":[{"id":6868,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5502\/revisions\/6868"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/5503"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5502"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5502"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5502"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}