{"id":50,"date":"2026-07-02T07:05:54","date_gmt":"2026-07-02T07:05:54","guid":{"rendered":"https:\/\/hocabul.net\/?p=50"},"modified":"2026-07-02T07:05:55","modified_gmt":"2026-07-02T07:05:55","slug":"iki-faktorlu-dogrulama-2fa-nedir-neden-artik-zorunluluk","status":"publish","type":"post","link":"https:\/\/hocabul.net\/?p=50","title":{"rendered":"\u0130ki Fakt\u00f6rl\u00fc Do\u011frulama (2FA) Nedir, Neden Art\u0131k Zorunluluk?"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">\u015eifre k\u0131rmak eskisi kadar zor de\u011fil. Veri s\u0131z\u0131nt\u0131lar\u0131, kaba kuvvet sald\u0131r\u0131lar\u0131 ve oltalama (phishing) siteleri sayesinde bir \u015fifre, d\u00fc\u015f\u00fcnd\u00fc\u011f\u00fcn\u00fczden \u00e7ok daha kolay ba\u015fkas\u0131n\u0131n eline ge\u00e7ebiliyor. \u0130\u015fte tam bu noktada devreye giren iki fakt\u00f6rl\u00fc do\u011frulama (2FA), tek bir \u00e7al\u0131nan \u015fifrenin hesab\u0131n\u0131z\u0131n tamamen ele ge\u00e7irilmesi anlam\u0131na gelmemesini sa\u011flayan en basit ama en etkili savunma katman\u0131.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2FA Asl\u0131nda Ne Yap\u0131yor?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Mant\u0131k asl\u0131nda \u00e7ok basit: hesab\u0131n\u0131za girmek i\u00e7in art\u0131k tek bir \u015fey de\u011fil, iki farkl\u0131 \u015fey kan\u0131tlaman\u0131z gerekiyor. G\u00fcvenlik uzmanlar\u0131 bunu genelde \u00fc\u00e7 kategoriye ay\u0131r\u0131r:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Bildi\u011finiz bir \u015fey:<\/strong> \u015eifreniz ya da PIN kodunuz.<\/li>\n\n\n\n<li><strong>Sahip oldu\u011funuz bir \u015fey:<\/strong> Telefonunuz, bir do\u011frulama uygulamas\u0131 ya da fiziksel bir g\u00fcvenlik anahtar\u0131.<\/li>\n\n\n\n<li><strong>Oldu\u011funuz bir \u015fey:<\/strong> Parmak izi ya da y\u00fcz tan\u0131ma gibi biyometrik veriler.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">2FA, bu kategorilerden en az ikisini bir araya getirerek, sald\u0131rgan\u0131n sadece \u015fifrenizi bilmesinin yetmemesini sa\u011fl\u0131yor. \u015eifreniz bir veri s\u0131z\u0131nt\u0131s\u0131nda ele ge\u00e7se bile, sald\u0131rgan elinde ikinci fakt\u00f6r olmadan hesab\u0131n\u0131za giremiyor.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Neden Bu Kadar \u00d6nemli?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Oltalama siteleri, kullan\u0131c\u0131lar\u0131 ger\u00e7ek bir kurumun sitesiymi\u015f gibi g\u00f6r\u00fcnen sahte sayfalara y\u00f6nlendirerek \u015fifre ve kullan\u0131c\u0131 bilgilerini \u00e7almaya \u00e7al\u0131\u015f\u0131yor. B\u00f6yle bir sald\u0131r\u0131n\u0131n nas\u0131l i\u015fledi\u011fini ve nas\u0131l fark edilece\u011fini daha detayl\u0131 \u00f6\u011frenmek istersen, <a href=\"https:\/\/hocabul.net\/?p=16\">sahte sitelere kar\u015f\u0131 korunma rehberimizi<\/a> okuman\u0131 \u00f6neririz. O yaz\u0131da anlatt\u0131\u011f\u0131m\u0131z gibi, bir kullan\u0131c\u0131 ad\u0131 ve \u015fifre s\u0131zsa bile 2FA aktifse hesap b\u00fcy\u00fck \u00f6l\u00e7\u00fcde korunmu\u015f oluyor \u2014 \u00e7\u00fcnk\u00fc sald\u0131rgan\u0131n elinde h\u00e2l\u00e2 eksik bir par\u00e7a var.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Bu da 2FA&#8217;y\u0131, tek ba\u015f\u0131na g\u00fc\u00e7l\u00fc bir \u015fifreden bile daha etkili bir savunma hatt\u0131 yap\u0131yor. Zaten g\u00fcvenlik uzmanlar\u0131n\u0131n neredeyse hepsi, g\u00fc\u00e7l\u00fc \u015fifre ile 2FA&#8217;y\u0131 bir arada kullanmay\u0131 \u00f6neriyor; biri di\u011ferinin eksi\u011fini kapat\u0131yor.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Hangi 2FA Y\u00f6ntemi Daha G\u00fcvenli?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">T\u00fcm 2FA y\u00f6ntemleri ayn\u0131 g\u00fcvenlik seviyesini sunmuyor. Genel olarak g\u00fcvenlik s\u0131ralamas\u0131 \u015f\u00f6yle:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Fiziksel g\u00fcvenlik anahtar\u0131<\/strong> (\u00f6rne\u011fin USB anahtarlar): En g\u00fcvenli se\u00e7enek, \u00e7\u00fcnk\u00fc oltalama sitelerine kar\u015f\u0131 neredeyse tamamen diren\u00e7li.<\/li>\n\n\n\n<li><strong>Do\u011frulama uygulamas\u0131 (authenticator app):<\/strong> Telefonunuzda \u00e7al\u0131\u015fan ve d\u00fczenli aral\u0131klarla de\u011fi\u015fen kodlar \u00fcretir.<\/li>\n\n\n\n<li><strong>SMS ile gelen kod:<\/strong> Pratik ama en zay\u0131f halka; SIM kart doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 gibi y\u00f6ntemlerle atlat\u0131labiliyor.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">K\u0131sacas\u0131 &#8220;hi\u00e7 2FA kullanmamak&#8221;tan iyi olsa da, sadece SMS koduna g\u00fcvenmek yeterli de\u011fil. M\u00fcmk\u00fcnse bir do\u011frulama uygulamas\u0131 ya da fiziksel anahtar tercih etmek daha sa\u011fl\u0131kl\u0131.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Yayg\u0131n Bir Yan\u0131lg\u0131: &#8220;Bana Bir \u015eey Olmaz&#8221;<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Bir\u00e7ok kullan\u0131c\u0131, &#8220;benim hesab\u0131mda \u00e7al\u0131nacak bir \u015fey yok&#8221; diye d\u00fc\u015f\u00fcnerek 2FA&#8217;y\u0131 atl\u0131yor. Ama ger\u00e7ekte sald\u0131rganlar\u0131n \u00e7o\u011fu hedef se\u00e7miyor; otomatik sistemlerle milyonlarca hesab\u0131 ayn\u0131 anda deniyor. Bu noktada olas\u0131l\u0131k ve rastgelelik kavramlar\u0131 devreye giriyor \u2014 bir sald\u0131r\u0131n\u0131n &#8220;bana denk gelme ihtimali&#8221; sand\u0131\u011f\u0131ndan \u00e7ok daha y\u00fcksek olabilir. Bu t\u00fcr yanl\u0131\u015f sezgilerin istatistikte nas\u0131l i\u015fledi\u011fini merak ediyorsan <a href=\"https:\/\/hocabul.net\/?p=18\">kumarbaz\u0131n yan\u0131lg\u0131s\u0131n\u0131 ele ald\u0131\u011f\u0131m\u0131z yaz\u0131m\u0131za<\/a> g\u00f6z atabilirsin; &#8220;bana bir \u015fey olmaz&#8221; d\u00fc\u015f\u00fcncesi de asl\u0131nda benzer bir olas\u0131l\u0131k yan\u0131lg\u0131s\u0131n\u0131n farkl\u0131 bir versiyonu.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Nereden Ba\u015flamal\u0131?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">2FA&#8217;y\u0131 \u00f6nce en kritik hesaplar\u0131n\u0131zda aktif etmenizi \u00f6neririz: e-posta, bankac\u0131l\u0131k uygulamalar\u0131 ve \u015fifre y\u00f6neticiniz. E-posta hesab\u0131n\u0131z genelde di\u011fer t\u00fcm hesaplar\u0131n\u0131z\u0131n &#8220;\u015fifre s\u0131f\u0131rlama&#8221; kap\u0131s\u0131 oldu\u011fu i\u00e7in, sald\u0131rganlar\u0131n en \u00e7ok hedefledi\u011fi nokta oras\u0131d\u0131r.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Konuyla ilgili resmi ve g\u00fcncel bir kaynak istersen, ABD Siber G\u00fcvenlik ve Altyap\u0131 G\u00fcvenli\u011fi Ajans\u0131&#8217;n\u0131n (CISA) \u00e7ok fakt\u00f6rl\u00fc do\u011frulama hakk\u0131ndaki <a href=\"https:\/\/www.cisa.gov\/MFA\">resmi rehberine<\/a> g\u00f6z atabilirsin; MFA&#8217;n\u0131n hesaplar\u0131 ele ge\u00e7irilme riskini b\u00fcy\u00fck oranda azaltt\u0131\u011f\u0131n\u0131 g\u00f6steren g\u00fcncel verilere yer veriyor.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Son S\u00f6z<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">2FA, birka\u00e7 saniyelik ek bir ad\u0131m gibi g\u00f6r\u00fcnse de, hesab\u0131n\u0131z\u0131n g\u00fcvenli\u011fi s\u00f6z konusu oldu\u011funda att\u0131\u011f\u0131n\u0131z en ucuz ve en etkili sigorta. \u015eifreniz ne kadar g\u00fc\u00e7l\u00fc olursa olsun, tek ba\u015f\u0131na yeterli de\u011fil. Sen hangi hesaplar\u0131nda 2FA kullan\u0131yorsun? Hen\u00fcz aktif etmedi\u011fin bir hesab\u0131n varsa, bu yaz\u0131y\u0131 okuduktan hemen sonra ayarlar men\u00fcs\u00fcne g\u00f6z atman\u0131 \u00f6neririz.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u015eifre k\u0131rmak eskisi kadar zor de\u011fil. Veri s\u0131z\u0131nt\u0131lar\u0131, kaba kuvvet sald\u0131r\u0131lar\u0131 ve oltalama (phishing) siteleri sayesinde bir \u015fifre, d\u00fc\u015f\u00fcnd\u00fc\u011f\u00fcn\u00fczden \u00e7ok daha kolay ba\u015fkas\u0131n\u0131n eline ge\u00e7ebiliyor. \u0130\u015fte tam bu noktada devreye giren iki fakt\u00f6rl\u00fc do\u011frulama (2FA), tek bir \u00e7al\u0131nan \u015fifrenin hesab\u0131n\u0131z\u0131n tamamen ele ge\u00e7irilmesi anlam\u0131na gelmemesini sa\u011flayan en basit ama en etkili savunma katman\u0131. 2FA Asl\u0131nda &#8230; <a title=\"\u0130ki Fakt\u00f6rl\u00fc Do\u011frulama (2FA) Nedir, Neden Art\u0131k Zorunluluk?\" class=\"read-more\" href=\"https:\/\/hocabul.net\/?p=50\" aria-label=\"Read more about \u0130ki Fakt\u00f6rl\u00fc Do\u011frulama (2FA) Nedir, Neden Art\u0131k Zorunluluk?\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-50","post","type-post","status-publish","format-standard","hentry","category-dijital-guvenlik"],"_links":{"self":[{"href":"https:\/\/hocabul.net\/index.php?rest_route=\/wp\/v2\/posts\/50","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hocabul.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hocabul.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hocabul.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hocabul.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=50"}],"version-history":[{"count":1,"href":"https:\/\/hocabul.net\/index.php?rest_route=\/wp\/v2\/posts\/50\/revisions"}],"predecessor-version":[{"id":51,"href":"https:\/\/hocabul.net\/index.php?rest_route=\/wp\/v2\/posts\/50\/revisions\/51"}],"wp:attachment":[{"href":"https:\/\/hocabul.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=50"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hocabul.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=50"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hocabul.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=50"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}