[{"data":1,"prerenderedAt":205},["ShallowReactive",2],{"blog-post-zh-generate-secure-passwords-online":3},{"id":4,"title":5,"author":6,"body":7,"description":190,"draft":191,"extension":192,"lang":193,"meta":194,"navigation":195,"path":196,"pubDate":197,"relatedTool":198,"seo":199,"stem":200,"tags":201,"__hash__":204},"blog\u002Fblog\u002Fzh-generate-secure-passwords-online.mdx","如何在线生成安全密码","ujiffy team",{"type":8,"value":9,"toc":181},"minimark",[10,14,18,21,25,28,35,50,60,66,69,97,101,104,131,134,137,140,166,169,172],[11,12,13],"h2",{"id":13},"为什么密码安全不容忽视",[15,16,17],"p",{},"数据泄露每天都在发生。仅 2024 年，就有数十亿条账号凭据在各类泄露事件中曝光，波及从社交媒体到金融机构的众多服务。残酷的现实是：一旦你在多个平台复用弱密码，任意一次泄露都可能引发连锁账号被盗。",[15,19,20],{},"强大且唯一的密码是你的第一道——也往往是最有效的——防线。",[11,22,24],{"id":23},"什么是强密码","什么是\"强密码\"？",[15,26,27],{},"一个强密码具备四个关键特征：",[15,29,30,34],{},[31,32,33],"strong",{},"长度"," —— 至少 12 位字符；16 位或更长会显著提升安全性。每增加一位字符，暴力破解需要尝试的组合数就会呈指数级增长。",[15,36,37,40,41,45,46,49],{},[31,38,39],{},"随机性"," —— 人为选择的密码往往可以预测。我们倾向于使用单词、名字、键盘规律（",[42,43,44],"code",{},"qwerty123","）和字符替换（",[42,47,48],{},"p@ssw0rd","），而这些都是攻击者首先会尝试的。真正的随机性能彻底消除这种可预测性。",[15,51,52,55,56,59],{},[31,53,54],{},"字符多样性"," —— 混合使用大写字母、小写字母、数字和符号（",[42,57,58],{},"!@#$%^&*","），能大幅扩展破解算法的搜索空间。",[15,61,62,65],{},[31,63,64],{},"唯一性"," —— 每个账号应使用不同的密码。一旦某个网站的数据库被攻破，撞库攻击就无法影响你的其他账号。",[11,67,68],{"id":68},"你应该了解的常见密码攻击方式",[70,71,72,79,85,91],"ul",{},[73,74,75,78],"li",{},[31,76,77],{},"暴力破解"," —— 穷举所有可能的组合。字符集有限的短密码在数秒内即可被破解。",[73,80,81,84],{},[31,82,83],{},"字典攻击"," —— 使用常见单词、短语及已知泄露密码的列表进行尝试。",[73,86,87,90],{},[31,88,89],{},"撞库攻击"," —— 利用一次泄露获得的用户名和密码，尝试登录其他服务。",[73,92,93,96],{},[31,94,95],{},"钓鱼攻击"," —— 诱骗你在伪造网站上输入密码。强密码对此无能为力——请使用密码管理器并仔细核对网址。",[11,98,100],{"id":99},"如何使用-ujiffy-密码生成器","如何使用 ujiffy 密码生成器",[15,102,103],{},"ujiffy 的密码生成器完全在浏览器中通过加密随机算法生成密码：",[105,106,107,113,119,125],"ol",{},[73,108,109,112],{},[31,110,111],{},"设置长度"," —— 拖动滑块或直接输入数字。建议至少 16 位。",[73,114,115,118],{},[31,116,117],{},"选择字符集"," —— 按需开启或关闭大写字母、小写字母、数字和符号。",[73,120,121,124],{},[31,122,123],{},"点击「生成」"," —— 立即得到一个新的随机密码。",[73,126,127,130],{},[31,128,129],{},"一键复制"," —— 直接粘贴到你的密码管理器中。",[15,132,133],{},"由于生成过程完全在浏览器内通过 Web Crypto API 完成，密码不会上传到任何服务器，无任何日志记录，无任何拦截风险。",[11,135,136],{"id":136},"生成强密码之后的最佳实践",[15,138,139],{},"生成强密码只是第一步，接下来还需要：",[70,141,142,148,154,160],{},[73,143,144,147],{},[31,145,146],{},"存入密码管理器","（如 Bitwarden、1Password 等）——不要试图靠记忆。",[73,149,150,153],{},[31,151,152],{},"尽可能开启双重认证（2FA）","，为账号增加第二层保护。",[73,155,156,159],{},[31,157,158],{},"切勿通过邮件、聊天或短信分享密码"," —— 如确有必要，请使用密码管理器的安全分享功能。",[73,161,162,165],{},[31,163,164],{},"定期更换关键账号密码","（邮箱、银行等）——至少每年一次，或在任何疑似泄露后立即更换。",[167,168],"hr",{},[15,170,171],{},"你的账号安全取决于最薄弱的那个密码。让 ujiffy 来处理随机性，让你专注于更重要的事。",[15,173,174],{},[175,176,178],"a",{"href":177},"\u002Fzh\u002Ftools\u002Fpassword-generator",[31,179,180],{},"立即使用 ujiffy 密码生成器 →",{"title":182,"searchDepth":183,"depth":183,"links":184},"",2,[185,186,187,188,189],{"id":13,"depth":183,"text":13},{"id":23,"depth":183,"text":24},{"id":68,"depth":183,"text":68},{"id":99,"depth":183,"text":100},{"id":136,"depth":183,"text":136},"了解什么才是真正安全的密码，掌握常见攻击手段，并通过 ujiffy 的免费密码生成器即时生成高强度随机密码。",false,"mdx","zh",{},true,"\u002Fblog\u002Fzh-generate-secure-passwords-online","2025-05-05","password-generator",{"title":5,"description":190},"blog\u002Fzh-generate-secure-passwords-online",[202,203],"密码","安全","TPjN_ujzQWGFVhcAOavla3SjHzRtP57wV1HhYddWBUA",1778831413200]