Template:Committed identity/doc: Difference between revisions
{{documentation subpage}}

This template gives you a way to later prove that you are the person who was in control of your account on the day this template was placed. This is done by putting a code (called a "hash") on your user page so that, in the event that your account is compromised, you can convince someone else that you are really the person behind your username.

==Why?==
The intended use of this template is to help in the hopefully unlikely event that your account is compromised. If you have published your real-life identity, that identity could be used to re-establish contact with you after a compromise; keep in mind that in this scenario contact cannot be established through your account, since it may be under someone else's control. However, many Wikipedia users do not disclose their real-life identities, or disclose so little of them that establishing their identity would be difficult.

This is not a replacement for having a [[Password strength|strong password]], nor for registering an email address for your account. You should still do everything you can to prevent your account being compromised, including using a strong password and remembering to log yourself out when using a computer to which others may have access. If you have one, it may also be helpful to post your [[Pretty Good Privacy|PGP]] public key. But even with the best of precautions, your account could become compromised, for instance via a [[trojan horse (computing)|trojan horse]] or a brute-force attack on your password. This template is intended to be a last resort.

==How==

The idea is to use cryptographic hashes: you choose a secret string known only to yourself, put it through a one-way [[Cryptographic hash function|hash function]], and publish the result somewhere. It is infeasible to determine the secret string corresponding to the hash; hence, an attacker who compromises the account presumably would not be able to supply the secret string.

=== Syntax ===

:<code>{<nowiki/>{User committed identity|<var>hash</var>|<var>hash function used</var>|background=<var>[[Web_colors#CSS_colors|CSS color]]</var>|border=<var>[[Web_colors#CSS_colors|CSS color]]</var>|article=<var>[[Article (grammar)|grammatical article]] for the hash function</var>}}</code>

Italicized text should be replaced with the appropriate value, or its parameter should be removed. Parameters are written as "parameter=<var>value</var>" and separated by vertical bars (|).

*Replace "hash" with the hash produced from your secret string. This unnamed parameter is equivalent to a parameter named "1" (see [[Help:Template#Parameters|parameters]]).
*The "hash function used" parameter, if not included, defaults to [[SHA-512]]. (This hash function is strongly recommended.)
*The "background" parameter, if not included, defaults to #E0E8FF (<span style="background-color: #E0E8FF;">light blue</span>; see [[Web colors#Hex triplet]]).
*The "border" parameter, if not included, also defaults to #E0E8FF.
*The "article" parameter, if not included, defaults to "a". The other likely value is "an".

For example, if your hash is "ef7c4c55a176bd20ed558aaefde21c4803080195" using [[SHA-1]], and you want a light orange box with a black border, use the following code:

:<code>{<nowiki/>{User committed identity|ef7c4c55a176bd20ed558aaefde21c4803080195|SHA-1|background=#FC9|border=#000}}</code>

to produce

{{User committed identity|ef7c4c55a176bd20ed558aaefde21c4803080195|SHA-1|background=#FC9|border=#000}}
|||
=== Choosing a good secret string ===

# Your secret string should end with a long run of random text, such as "fFfwq0DuDmMXj8hYTM3NTKeDhk". This ensures that brute-force and dictionary attacks cannot infer your identity from your public hash.
# Your secret string should specify enough of your identity that, if the string were revealed, you could unambiguously prove you match that identity. At least two means of contact is a good rule. For instance, your secret string could include a telephone number and an email address at which you can be reached. However, it should ''not'' contain data that you are not willing to show to Wikipedia's administrative staff.
# Try not to choose a secret string whose identifying information could go completely out of date. For instance, it may be bad to choose a string that specifies ''only'' your telephone number, as that number might change.
# If you want to change your secret string, do so, but keep track of all your old secret strings. It is best to reveal all of them if you ever want to confirm your identity, as this will establish that you are the same person who used your account from the first moment the committed identity was published.
# Advanced options:
#* If you have public accounts on other websites with different passwords, list the URLs of those accounts. You can later take a specified action to prove that you own those accounts. For example, if you have a YouTube account, an administrator can provide a string which you then insert in a video comment.
#* You may include information such as your driver's license number, national identification number, or passport number. You can then later supply copies of these documents as additional evidence to prove your identity.
#* Another option is to take a photo or video of yourself, take a SHA hash of the resulting file, and include that hash in your secret string. Retain the file. You can then later supply the file to an administrator, who can video call with you and compare the file with your current appearance. This will remain effective even if the attacker has compromised all your listed means of contact.
|||
==== Example ====

Bare minimum: at least two forms of contact and a random string:

<pre>joe@example.com 555-123-3456 fFfwq0DuDmMXj8hYTM3NTKeDhk</pre>

More complete example: full name, multiple forms of contact, contact information for trusted friends, and a random string:

<pre>Joe Schmoe. joe@example.com. 555-123-3456. P.O. Box 1234, San Jose, CA. My best friend Bob's email: bob@example.com. fFfwq0DuDmMXj8hYTM3NTKeDhk</pre>

After Joe uses the secret string, he can generate a new secret string with a new hash by merely changing the random characters at the end.

A comprehensive example including multiple trusted people and advanced options:

<pre>
Joe Schmoe. joe@example.com. 555-123-3456. P.O. Box 1234, San Jose, CA.
My best friend Bob's contact info: bob@example.com, 555-234-5678
My wife's contact info: anne@example.com, 555-345-6789
Other accounts: http://www.youtube.com/user/joeschmoe http://flickr.com/photos/joeschmoe/
Driver's license number: 123456789, SSN: 123-45-6789, passport number: 9876H432L
SHA-512 of joeschmoe.jpg: 747ec1836486a3dbe8a5d6805a2cc080fb8dc427d9535579ecb04c750d7a4a515641fd0411ed6bb97242a3e63ab9cbd4d6d66c27611ff5f98aa84497bf64b8a8
NSffKWSHaGbcTm3WGtE8hyUQ
</pre>

In this case, Joe would supply both the above string (e.g. as a text file) and joeschmoe.jpg to administrative staff. Staff might ask him to post a specific comment on YouTube, to send a scan of his passport, or to video call to confirm that his appearance matches joeschmoe.jpg.
|||
=== Getting the hash ===

Be sure to note the ''exact string'' you enter into the hash calculator, in case you need to use it later. It is important that this string be both easily remembered exactly by you and hard for any intruder to guess or find: if an intruder knows the secret string, this scheme is useless and provides no security. Your username is public and trivially guessable; your password is not a good choice either, since if the account has been compromised, the password has probably been guessed.

On [[Unix-like]] operating systems the <code>[[md5sum]]</code>, <code>[[sha1sum]]</code>, <code>sha224sum</code>, <code>sha256sum</code>, <code>sha384sum</code>, and <code>sha512sum</code> programs are provided in the [[GNU Core Utilities]]. Windows users may use one of the methods mentioned below; those who have [[PowerShell]] installed can generate a hash using the following command. Provide your secret phrase in the location indicated:

<code>[bitconverter]::tostring((new-object security.cryptography.sha512managed).computehash([text.encoding]::utf8.getbytes("Secret phrase here"))).replace("-", "")</code>

SHA-512 is recommended, as recent cryptographic research has cast doubt on the long-term security of SHA-1. The template defaults to [[SHA-512]] if the hash function parameter is omitted. For security, you should only use locally executed programs, or client-side JavaScript, to create your hash, so that your secret string never leaves your own computer. Examples of such hash calculators include [http://coursesweb.net/javascript/sha512-encrypt-hash_cs SHA512 Encrypt], [http://caligatio.github.com/jsSHA/ jsSHA] and [http://www.slavasoft.com/hashcalc/ HashCalc 2.01].

To verify that you are correctly hashing your secret string, try hashing 'My name is Joe Schmoe, and I can be contacted at: joe@example.com' (without the enclosing single quotes).

The SHA-512 hash of that test string should be:

<div id="hash-nowrap" style="font-size:100%; display:block; background:#f9f9f9; border:1px solid #f9f9f9; margin:0.2em 0; padding:0.1em 0.3em; word-wrap:break-word">b7a84efbbd843545666957384e874c894fdc17f48ced53abd231c2e4d08e45ad10287b1225432e3ed9794c12994ff1e82aecf66a2ded61ad4baf6d8b9c81dab8</div>
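As an added example (not part of the template documentation and not a Wikimedia tool), the following Python script carries the whole scheme through: it assembles a secret string in the shape recommended under "Choosing a good secret string", commits to it by computing the SHA-512 hash that goes into the template, and performs the check a trusted user makes later when the secret is revealed (the "Compromised accounts" section below). The function names and the sample contact details are the example's own; the test string and its SHA-512 digest are the ones quoted just above.

```python
"""Committed-identity helper: commit to a secret string by publishing its
hash, then verify a revealed secret against that published hash.

Added example; not part of the template documentation. Function and
variable names are this example's own. The documented test vector is the
one quoted in the "Getting the hash" section.
"""
import hashlib
import hmac
import secrets
import string

# Hash function names accepted by the template, mapped to hashlib constructors.
# SHA-512 is the template default and the recommended choice.
ALGORITHMS = {
    "SHA-1": hashlib.sha1,
    "SHA-224": hashlib.sha224,
    "SHA-256": hashlib.sha256,
    "SHA-384": hashlib.sha384,
    "SHA-512": hashlib.sha512,
}

# Test vector quoted on the page, for checking that a hash calculator is fed
# exactly the bytes you think it is.
DOCUMENTED_TEST_STRING = "My name is Joe Schmoe, and I can be contacted at: joe@example.com"
DOCUMENTED_TEST_SHA512 = (
    "b7a84efbbd843545666957384e874c894fdc17f48ced53abd231c2e4d08e45ad"
    "10287b1225432e3ed9794c12994ff1e82aecf66a2ded61ad4baf6d8b9c81dab8"
)


def random_suffix(length: int = 26) -> str:
    """Random trailing text so the secret cannot be brute-forced or guessed
    from a dictionary of plausible contact details (step 1 of the page's
    advice). Uses the OS CSPRNG via `secrets`, never `random`."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def build_secret(contacts: list[str], suffix: str) -> str:
    """Assemble a secret in the page's recommended shape: at least two means
    of contact, then the random suffix. Constructed layout, not prescribed."""
    if len(contacts) < 2:
        raise ValueError("use at least two means of contact")
    return " ".join(contacts + [suffix])


def commit(secret: str, algorithm: str = "SHA-512") -> str:
    """Hash the exact secret string (UTF-8 bytes, no trailing newline) and
    return the lowercase hex digest that goes into the template."""
    return ALGORITHMS[algorithm](secret.encode("utf-8")).hexdigest()


def verify(revealed_secret: str, published_hash: str, algorithm: str = "SHA-512") -> bool:
    """What the trusted user does later: recompute the hash of the revealed
    string and compare it with the one on the user page. Case is normalised
    because PowerShell's BitConverter prints uppercase hex while sha512sum
    prints lowercase; hmac.compare_digest avoids a timing side channel."""
    candidate = published_hash.strip().lower()
    if not candidate.isascii():          # compare_digest rejects non-ASCII str
        return False
    return hmac.compare_digest(commit(revealed_secret, algorithm), candidate)


def newline_changes_hash(secret: str) -> bool:
    """Common pitfall: `echo secret | sha512sum` hashes a trailing newline,
    so the digest no longer matches the string you wrote down."""
    return commit(secret) != commit(secret + "\n")


if __name__ == "__main__":
    # Constructed sample identity, in the style of the page's Joe Schmoe.
    secret = build_secret(["joe@example.com", "555-123-3456"], random_suffix())
    published = commit(secret)
    print("secret string (keep this!):", secret)
    print("hash for the template     :", published)
    print("reveal verifies           :", verify(secret, published))
    print("tampered reveal verifies  :", verify(secret + "x", published))
    print("documented vector matches :", verify(DOCUMENTED_TEST_STRING, DOCUMENTED_TEST_SHA512))
```

When checking the output of a command-line tool against this script, remember that `echo` appends a newline before `sha512sum` reads the text, so use `printf '%s' 'your string' | sha512sum` to hash the exact string; the `newline_changes_hash` function exists to show how much difference that one byte makes.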
|||
== Compromised accounts ==

If your account is compromised, to make use of your committed identity and prove to someone that you are the same person who originally controlled the account, give a trusted user the ''exact secret string'' you originally entered into the hash calculator. They can then compute the hash of that same string with the same hash function and verify that it matches the published result, and hence that you are who you say you are.

Once you've established your identity, and set up a new account or regained control of the original account, you'll probably want to create a new hash, because someone else (possibly several people, depending on how and to whom you communicated the secret string) now knows the secret string.

== Weakness ==

This technique of establishing identity by revealing the secret string behind the hash is not inherently attack-proof. It increases attacker effort substantially (if the secret string is chosen and handled properly), which is worthwhile, and does so at little cost to the legitimate user. But it is attackable in that anyone can invent their own secret string, hash it, and claim an identity.

An attacker with access to the account could overwrite the hash with their own. They could then claim that the previous owner of the account was an attacker who claimed their identity and generated their own hash.

An attacker without access to the account could claim that the current account owner stole their identity. The attacker could state that they did not publish a hash when they owned the account, or that they never registered an account and that someone else is using their name.

This weakness does not mean that the [[commitment scheme]] is worthless; it arises because the ''commit phase'' did not involve all interested parties (the real person and every potential attacker).
|||
==See also==

* [[meta:Don't leave your fly open|Don't leave your fly open (essay)]]
* [[User:Unimaginative Username/Simple Committed ID Instructions]]
* [[Strong password]]
* [[Wikipedia:Changing username]]
* [[Wikipedia:Security]]
* [[Wikipedia:Wikipedia Signpost/2007-05-14/Committed identity|Wikipedia Signpost: Committed identity]]
|||
{| border="1" cellspacing="0" cellpadding="3" width="100%" style="background:none"
!width="300"|Code
!Result
|-
| {{[[User:Anomie/Userbox committed identity]]|…}}<small><span class="plainlinks">
[{{fullurl:Special:Whatlinkshere/User:Anomie/Userbox committed identity|limit=500}} links] [[User_talk:Anomie/Userbox committed identity|talk]] [{{fullurl:User:Anomie/Userbox committed identity|action=edit}} view]</span></small>
| {{User:Anomie/Userbox committed identity|identity=hash}}
{{tlurow|Urdna/CIDuserbox}}
{{tlrow|User CID}}
|}

<includeonly>
<!-- Categories -->
{{DEFAULTSORT:Committed Identity}}
[[Category:User namespace templates]]
<!-- Interwikis -->
</includeonly>
Revision as of 18:53, 3 April 2014
Serdio Siller{29 November 1998 Mozambique, Maputo, Chokwe}
Biography
Serdio Siller Canela, whose real name is Serdio Machava, is a 16-year-old boy who lives in Maputo, the capital of Mozambique; he likes two Mexican actors, Eugenio Siller and Jencarlos Canela, and other actors.