mirror of
https://github.com/privacyguides/i18n.git
synced 2026-01-27 22:30:37 +00:00
New Crowdin translations by GitHub Action
This commit is contained in:
Crowdin Bot
@@ -1,10 +1,10 @@
|
||||
---
|
||||
title: "Autentikasi Multifaktor"
|
||||
title: "Multifactor Authentication"
|
||||
icon: 'material/two-factor-authentication'
|
||||
description: MFA adalah mekanisme keamanan penting untuk mengamankan akun daring Anda, tetapi beberapa metode lebih kuat daripada yang lain.
|
||||
---
|
||||
|
||||
**Autentikasi Multifaktor** (**Multi-Factor Authentication; MFA**) adalah mekanisme keamanan yang memerlukan langkah tambahan selain memasukkan nama pengguna (atau surel) dan kata sandi Anda. Metode yang paling umum adalah kode terbatas waktu yang mungkin Anda terima dari SMS atau aplikasi.
|
||||
**Multifactor Authentication** (**MFA**) is a security mechanism that requires additional steps beyond entering your username (or email) and password. Metode yang paling umum adalah kode terbatas waktu yang mungkin Anda terima dari SMS atau aplikasi.
|
||||
|
||||
Biasanya, jika seorang peretas (atau musuh) berhasil mengetahui kata sandi Anda, mereka akan mendapatkan akses ke akun pemilik kata sandi tersebut. Akun dengan MFA memaksa peretas untuk mendapatkan kata sandi (sesuatu yang Anda *tahu*) dan perangkat yang Anda miliki (sesuatu yang Anda *miliki*), seperti ponsel Anda.
|
||||
|
||||
@@ -26,7 +26,7 @@ Keamanan MFA notifikasi Push bergantung pada kualitas aplikasi, komponen server,
|
||||
|
||||
### Time-based One-time Password (TOTP)
|
||||
|
||||
TOTP adalah salah satu bentuk MFA yang paling umum yang tersedia. Ketika Anda menyiapkan TOTP, Anda biasanya diminta untuk memindai [Kode QR](https://en.wikipedia.org/wiki/QR_code) yang membentuk "[rahasia bersama](https://en.wikipedia.org/wiki/Shared_secret)" dengan layanan yang ingin Anda gunakan. Rahasia bersama tersebut diamankan dalam data aplikasi autentikator, dan terkadang dilindungi oleh kata sandi.
|
||||
TOTP adalah salah satu bentuk MFA yang paling umum yang tersedia. Ketika Anda menyiapkan TOTP, Anda biasanya diminta untuk memindai [Kode QR](https://en.wikipedia.org/wiki/QR_code) yang membentuk "[rahasia bersama](https://en.wikipedia.org/wiki/Shared_secret)" dengan layanan yang ingin Anda gunakan. The shared secret is secured inside the authenticator app's data, and is sometimes protected by a password.
|
||||
|
||||
Kode terbatas waktunya kemudian diperoleh dari rahasia bersama dan waktu saat ini. Karena kode hanya berlaku untuk waktu yang singkat, tanpa akses ke rahasia bersama, musuh tidak dapat membuat kode baru.
|
||||
|
||||
@@ -82,7 +82,7 @@ This presentation discusses the history of password authentication, the pitfalls
|
||||
|
||||
FIDO2 and WebAuthn have superior security and privacy properties when compared to any MFA methods.
|
||||
|
||||
Typically for web services it is used with WebAuthn which is a part of the [W3C recommendations](https://en.wikipedia.org/wiki/World_Wide_Web_Consortium#W3C_recommendation_(REC)). It uses public key authentication and is more secure than shared secrets used in Yubico OTP and TOTP methods, as it includes the origin name (usually, the domain name) during authentication. Attestation is provided to protect you from phishing attacks, as it helps you to determine that you are using the authentic service and not a fake copy.
|
||||
Typically, for web services it is used with WebAuthn which is a part of the [W3C recommendations](https://en.wikipedia.org/wiki/World_Wide_Web_Consortium#W3C_recommendation_(REC)). It uses public key authentication and is more secure than shared secrets used in Yubico OTP and TOTP methods, as it includes the origin name (usually, the domain name) during authentication. Attestation is provided to protect you from phishing attacks, as it helps you to determine that you are using the authentic service and not a fake copy.
|
||||
|
||||
Unlike Yubico OTP, WebAuthn does not use any public ID, so the key is **not** identifiable across different websites. It also does not use any third-party cloud server for authentication. All communication is completed between the key and the website you are logging into. FIDO also uses a counter which is incremented upon use in order to prevent session reuse and cloned keys.
|
||||
|
||||
@@ -116,15 +116,15 @@ If you use SMS MFA, use a carrier who will not switch your phone number to a new
|
||||
|
||||
## More Places to Set Up MFA
|
||||
|
||||
Beyond just securing your website logins, multi-factor authentication can be used to secure your local logins, SSH keys or even password databases as well.
|
||||
Beyond just securing your website logins, multifactor authentication can be used to secure your local logins, SSH keys or even password databases as well.
|
||||
|
||||
### macOS
|
||||
|
||||
macOS has [native support](https://support.apple.com/guide/deployment/intro-to-smart-card-integration-depd0b888248/web) for authentication with smart cards (PIV). If you have a smartcard or a hardware security key that supports the PIV interface such as the YubiKey, we recommend that you follow your smartcard/hardware security vendor's documentation and set up second factor authentication for your macOS computer.
|
||||
macOS has [native support](https://support.apple.com/guide/deployment/intro-to-smart-card-integration-depd0b888248/web) for authentication with smart cards (PIV). If you have a smart card or a hardware security key that supports the PIV interface such as the YubiKey, we recommend that you follow your smart card or hardware security vendor's documentation and set up second factor authentication for your macOS computer.
|
||||
|
||||
Yubico have a guide [Using Your YubiKey as a Smart Card in macOS](https://support.yubico.com/hc/articles/360016649059) which can help you set up your YubiKey on macOS.
|
||||
|
||||
After your smartcard/security key is set up, we recommend running this command in the Terminal:
|
||||
After your smart card/security key is set up, we recommend running this command in the Terminal:
|
||||
|
||||
```text
|
||||
sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES
|
||||
@@ -159,4 +159,4 @@ SSH MFA can also be set up using TOTP. DigitalOcean has provided a tutorial [How
|
||||
|
||||
### KeePass (and KeePassXC)
|
||||
|
||||
KeePass and KeePassXC databases can be secured using Challenge-Response or HOTP as a second-factor authentication. Yubico has provided a document for KeePass [Using Your YubiKey with KeePass](https://support.yubico.com/hc/articles/360013779759-Using-Your-YubiKey-with-KeePass) and there is also one on the [KeePassXC](https://keepassxc.org/docs/#faq-yubikey-2fa) website.
|
||||
KeePass and KeePassXC databases can be secured using HOTP or Challenge-Response as a second-factor of authentication. Yubico has provided a document for KeePass [Using Your YubiKey with KeePass](https://support.yubico.com/hc/articles/360013779759-Using-Your-YubiKey-with-KeePass) and there is also one on the [KeePassXC](https://keepassxc.org/docs/#faq-yubikey-2fa) website.
|
||||
|
||||
Reference in New Issue
Block a user