Friday, August 31, 2007
Thursday, August 30, 2007
Navassa Island (French: La Navase, Haitian Kreyòl: Lanavaz or Lavash) is a small, uninhabited island in the Caribbean Sea, and is an unorganized unincorporated territory of the United States, which administers it through the U.S. Fish and Wildlife Service. The island is also claimed by Haiti.
History
Political divisions of the United States
Insular areas
Flag of Navassa Island
Tuesday, August 28, 2007
A Ferris wheel (or, more commonly in the UK, big wheel) is a nonbuilding structure consisting of an upright wheel with passenger gondolas suspended from the rim.
Ferris wheels are a common type of amusement park ride and may also be found at many urban parks and public places around the world. Ferris wheels usually hold about 50-100 people.
History
Main article: Observation wheel More Ferris Wheels and Manufacturers
A list of world's largest Ferris and observation wheels. This list is incomplete and should be completed and corrected, if necessary.
Monday, August 27, 2007
Arthur (Art) Blakey (October 11, 1919–October 16, 1990), also known as Abdullah Ibn Buhaina, was an American jazz drummer and bandleader. Along with Kenny Clarke and Max Roach, he was one of the inventors of the modern bebop style of drumming. He is known as a powerful musician and a vital groover; his brand of bluesy, funky hard bop was (and remains) profoundly influential on mainstream jazz. Over more than 30 years his band the Jazz Messengers included many young musicians who went on to become prominent names in jazz.
Early career
The origins of the Messengers are in a series of groups led or co-led by Blakey and pianist Horace Silver, though the name was not used on the earliest of their recordings. The most celebrated of these early records (credited to "The Art Blakey Quintet"), is A Night at Birdland from February 1954,
Later career
Jazz Mobile Development and Preservation of Jazz (1970)
Newport Jazz Festival Hall of Fame (1976)
Downbeat Jazz Hall of Fame Reader's Choice Award (1981)
Smithsonian Performing Arts Certificate of Appreciation (1982)
Lee Morgan Memorial Award (1982)
Jazz Hall of Fame Induction (1982)
Grammy Award Best Jazz Instrumental Performance, Group (1984) for the album New York Scene
Jazznote Award (1986)
Doctorate of Music (1987; Berklee College of Music)
Martin Luther King Humanitarian Award (1991)
Grammy Hall of Fame Induction for the album Moanin' (2001)
Pittsburgh Jazz Festival Award
Grammy Lifetime Achievement Award (2005; awarded posthumously)
Selected discography
Sunday, August 26, 2007
Actinobacteria Aquificae Chlamydiae Bacteroidetes/Chlorobi Chloroflexi Chrysiogenetes Cyanobacteria Deferribacteres Deinococcus-Thermus Dictyoglomi Fibrobacteres/Acidobacteria Firmicutes Fusobacteria Gemmatimonadetes Lentisphaerae Nitrospirae Planctomycetes Proteobacteria Spirochaetes Thermodesulfobacteria Thermomicrobia Thermotogae Verrucomicrobia
Bacteria (singular: bacterium) are unicellular microorganisms. They are typically a few micrometres long and have many shapes including curved rods, spheres, rods, and spirals. The study of bacteria is bacteriology, a branch of microbiology. Bacteria are ubiquitous in every habitat on Earth, growing in soil, acidic hot springs, radioactive waste,
Bacteria in the human body
Bioaerosol
Extremophiles
Transgenic bacteria
Biotechnology
Denitrification
Desulforudis audaxviator
Saturday, August 25, 2007
Dahlen is a city in Nelson County, North Dakota in the United States. The population was 38 at the 2000 census.
Dahlen is also the home to North Dakota's third tallest tower, the WDAZ TV Tower, which is 445.2 meters (1,460.2 feet) tall. The tower is used by television stations WDAZ and KGFE of Grand Forks, ND.
Coordinates: 48°09′29″N, 97°55′46″W
Friday, August 24, 2007
Bellefontaine Cemetery (established in 1849) and the Roman Catholic Calvary Cemetery (established in 1857) in St. Louis, Missouri are adjacent burial grounds, home to a number of historic and extravagant graves and mausoleums. Although they are the necropolis for a number of prominent local and state politicians and soldiers of the American Civil War, the neighborhoods around the cemeteries are among the roughest in St. Louis, particularly to the immediate west and south. The cemeteries were established after the cholera epidemic of 1849; burials in what is now downtown Saint Louis were relocated here. Burials from an African-American cemetery at Lambert-Saint Louis International Airport were reinterred here in the 1990s.
Bellefontaine
Thomas Hart Benton (1889-1975), artist
Henry Taylor Blow (1817-1875), politician, statesman
Susan Blow (1843-1916), educator
Don Carlos Buell (1818-1898), American Civil War general (Union)
William Seward Burroughs (1914-1997), author
Adolphus Busch (1838-1913), brewing magnate
William Chauvenet (1820-1870), scholar, educator
Martin L. Clardy (1844-1914), U.S. Representative
William Clark (1770-1838), explorer
Charles B. Clarke (1836-1899), prominent architect, designer of the Fagin Building (1888)
Nathan Cole (1825-1904), U.S. Representative and Mayor of St. Louis
Alban Jasper Conant (1821-1915), artist, author, educator
Phoebe Wilson Couzins (1842-1913) pioneer suffragette
James Eads (1820-1887) important steel product maker
Aaron W. Fagin (1812-1896), milling magnate, millionaire, and builder of the Fagin Building (1888)
Gustavus A. Finkelnburg (1837-1908), U.S. Representative and Federal Judge
Della May Fox (1870-1913), actress, singer
David R. Francis (1850-1927), statesman, United States Secretary of the Interior
Jessie L. Gaynor (1863-1921), composer of children's music
Henry S. Geyer (1790-1859), U.S. Senator, lawyer
Benjamin Howard (1760-1814), first governor of Missouri Territory
Anthony F. Ittner (1837-1931), Missouri politician, brick manufacturer
Caroline Janis (1864-1952), painter and sculptor, member of "The Potters"
James Smith McDonnell (1899-1980), founder of McDonnell Aircraft Corporation
Charles Nagel, last United States Secretary of Commerce and Labor, lawyer
Trusten Polk (1811-1876), elected both governor and U.S. senator in 1856
Sterling Price (1809-1867), American Civil War general (Confederate)
Mary Marshall Rexford (1915-1996), Red Cross worker and the first woman to land on Utah Beach on D-Day
James McIlvaine Riley (1849–1911), Co-founder of Sigma Nu International Fraternity
Irma S. Rombauer (1877-1962), author of The Joy of Cooking
James Semple (1798-1866), Illinois state senator
Henry Miller Shreve (1785-1854), inventor
Theodore Spiering (1871-1925), violinist, conductor, and teacher
Edwin O. Stanard (1832-1914), Lieutenant Governor of Missouri and U.S. Representative
George Strother (1783-1840), Virginia congressman and lawyer, collector of public money in St. Louis (reinterment)
Sara Teasdale (1884-1933), Pulitzer Prize-winning poet
Charlotte Dickson Wainwright, within architect Louis Sullivan's 1892 Wainwright Tomb
Erastus Wells (1823-1893), U.S. Representative and businessman
Thursday, August 23, 2007
In Japan, Setsubun (節分) is the day before the beginning of each season. The name literally means "seasonal division", but usually the term refers to the spring Setsubun, properly called Risshun (立春), celebrated yearly on February 3. In its association with the Lunar New Year, Spring Setsubun can be thought of (and indeed was previously thought of) as a sort of New Year's Eve, and so was accompanied by a special ritual to cleanse away all the evil of the former year and drive away disease-bringing evil spirits for the year to come. This special ritual is called mamemaki (lit. bean scattering).
Regional Variations
Risshun (立春)
Rikka (立夏)
Risshū (立秋)
Rittō (立冬)
Feast of the Lemures (a similar Roman custom)
Exorcism
Wednesday, August 22, 2007
Little is known of the Chinese Mars exploration program. While the Moon is the first priority, there are plans for Martian exploration that follow upon the work done in the lunar Chang'e program. China has been studying the necessity and feasibility of Mars exploration since the early 1990s as part of the national "863 Planetary Exploration" project, according to Liu Zhenxing, a researcher from the CAS Center for Space Science and Applied Research (CSSAR).
The overall plan could have four phases:
Phase 1 (up to 2009) includes all the preparations before the first mission. This includes international cooperation, definition of exploration goals and projects, and key technologies.
Phase 2 (after 2009) includes orbiter missions that probe the Martian environment, preparing for future soft-landing missions on Mars.
Phase 3 would launch spacecraft to land on the red planet, including rovers.
Phase 4 would establish surface observation stations, develop shuttle vehicles between Earth and Mars, and build bases that robonauts would attend to. The work in this phase would create a foundation for future human flights to Mars and a human-tended observing outpost.
Yinghuo-1
On March 26, 2007, the director of the China National Space Administration, Sun Laiyan, and the head of the Russian Space Agency, Anatoly Perminov, signed the "Cooperative Agreement between the China National Space Administration and the Russian Space Agency on joint Chinese-Russian exploration of Mars". This includes the launch of a Mars probe named Yinghuo-1, scheduled for October 2009. The probe will be 75 centimeters long, 75 centimeters wide and 60 centimeters high. Weighing 110 kilograms, it is designed for a two-year mission, according to Chen Changya, a researcher at the Shanghai Institute of Satellite Engineering.
The Chinese Yinghuo-1 and the Russian Phobos-Grunt will be sent together to Mars by a Russian Soyuz-2/1b rocket from Baikonur Cosmodrome in October 2009. In Aug.-Sept. 2010, after a 10 – 11.5 month cruise, Yinghuo-1 separates and enters an 800 x 80 000 km three-day equatorial orbit (5° inclination). The spacecraft is expected to remain in Martian orbit for one year. Phobos-Grunt and Yinghuo-1 will conduct Mars ionosphere occultation experiments.
Yinghuo-1 will focus mainly on the study of the external environment of Mars. Space center researchers will use photographs and data to study the magnetic field of Mars and the interaction between ionospheres, escape particles and solar wind.
Tuesday, August 21, 2007
Biography
Born in Graz to Charles II of Austria (1540-1590) and Maria Anna of Bavaria (1551-1608), Ferdinand was provided with a strict Jesuit education culminating in his years at the University of Ingolstadt. After completing his studies in 1595, he acceded to his hereditary lands (where his older cousin Archduke Maximilian III of Austria had acted as his regent 1593-95) and made a pilgrimage to Loreto and Rome. Shortly afterwards, he began to suppress the practice of non-Catholic faiths within his territory.
Early years
In 1617, Ferdinand was elected King of Bohemia by the Bohemian Diet. He also secured support from the Spanish Habsburgs for his claim to succeed the childless Emperor Matthias on the throne, granting them future rule over Alsace and Imperial fiefs in Italy. Ferdinand's staunch Catholicism led to infringements on the religious freedoms of non-Catholics. Among other things, the king did not respect the religious freedoms granted in the Majestät (or "Majestic Letter") signed by the earlier emperor Rudolf II to end the Brothers' War, which had granted freedom of worship to nobles and the inhabitants of cities. Additionally, Ferdinand was an absolutist and infringed upon what nobles regarded as secular rights. Given the relatively large number of Protestants within the kingdom, including many among the noble classes, the new king soon became unpopular and some dissidents participated in the ensuing Bohemian Revolt. On May 22, 1618, two royal (Catholic) officials in Prague were thrown out a castle window by Bohemian Protestants (the Defenestration of Prague). Though the officials were uninjured, such actions did not fall within the realm of standard protocol, and the clear offense against the royal dignity led to a hardening of attitudes and full rebellion.
The nobility revolted against Ferdinand and replaced him with the Protestant Elector Frederick V of the Palatinate, known as the "Winter King."
Holy Roman Emperor
Sunday, August 19, 2007
Billy Mann (real name: William Hort Mann born "Erlichman") was originally a singer/songwriter, now record producer/songwriter and entrepreneur who started his career living in a car and playing in dive bars. The New York Times online About.com named Mann #8 on the Top 10 Best Record Producers of 2006.
Record producer, songwriter, artist, manager, entrepreneur. In the history of pop music, the quintuple threat is rare if not close to extinct. The last person to gain such notoriety was legend Peter Asher, who graced the cover of Rolling Stone with James Taylor and Linda Ronstadt, artists he managed and produced simultaneously in the 1970s. Billy Mann, 37, a self-made force in the music world like Asher (who became a mentor and collaborator), began his career as an artist signed to A&M Records with modest success but left no stone unturned in converting that opportunity into access to write and produce for the biggest recording artists in the world. His credibility as a former artist (who before his first deal spent a year living hand-to-mouth in his car) helped cement the faith of artists and record executives around the world who turn to Mann time and again for help with hits and creative vision.
In the past ten years, Billy Mann has literally racked up dozens of Top 40 hits around the world, selling over 60 million albums and quietly building a pedigree that transcends the trends. Billy's undeniable hit-making pen and ear prompted The New York Times Company's About.com to name him one of the Top 10 Producers of 2006, alongside Timbaland, Jermaine Dupri and Rick Rubin. Mann is also an elected Governor representing songwriters for the New York Chapter of NARAS. He enters 2007 as a creative contributor on three top 10 albums around the world, Pink, Joss Stone and Take That.
The diversity of the artists with whom Mann works speaks for itself: Pink, Teddy Geiger, Jessica Simpson, Ashlee Simpson, Sting, Josh Groban, Ricky Martin, Backstreet Boys, Anastacia, Celine Dion, Kelly Rowland, Delta Goodrem, Hall & Oates, Art Garfunkel, Michael Bolton, Carole King, Nick Lachey, Jessica Andrews, Martina McBride, Deana Carter, Tarkan, Paul Van Dyk, Fat Joe, Esmee Denters, Joss Stone, Take That and many others. Billy has a rare ability to create and cross over from pop to rock, R&B to country, while still retaining his credibility and quality music. Billy's raw talent, top-notch execution, and boundless creativity, has made him one of the most in demand songwriter/ producers in the business. Matt Lauer of the Today show has described Billy as the producer/writer who helps artists find their voice.
In 2001, Mann founded Stealth Entertainment. Born out of his experience working alongside traditional managers and executives, Mann brought his unique tenacity and focus to the business side of music. In five years, Stealth Entertainment has gone from a one-man operation to a boutique entertainment hub for pop artists Teddy Geiger (www.teddygeigermusic.com), YouTube phenom Esmee Denters (www.esmeeworld.com), The Sunstreak (www.myspace.com/thesunstreak), and half a dozen songwriter/producers. Additionally, Mann created the Cred. Records imprint (with releases on Jive, Columbia, SBMG Special Projects, Target and independently) and Topline Music Publishing, with copyrights recorded by the Backstreet Boys, Click 5, Teddy Geiger, Kelly Rowland and others in only its first year of operation. On behalf of its clients, Stealth has successfully built partnerships with Levi's, Macy's, Seventeen Magazine, Target, Disney and others.
Unlike most of his contemporaries, Billy Mann balances his professional indefatigability with his passion for his wife and two toddler boys. They live happily in New York and Connecticut where Mann's recording studio remains a safe and creative refuge for the most successful artists in the world and his telephone continues to ring around the clock.
Billy Mann's talent as a multi-genre writer/producer is underscored by the diversity of the artists with whom he works, a list which includes:
Matt Lauer of the Today show has described Billy Mann as the producer/writer who helps artists find their voice.
Mann is also a highly regarded artist whose second album Earthbound was voted the #1 album of the year in 1998 by NPR/PRI's national radio show, The World Café. In addition to his writing and production work, Mann owns a successful management and development company (Stealth Entertainment), several publishing companies and a record label (Cred. Records). He is published as a music columnist devoted to exposing new indie artists (Seventeen Magazine), and has several interests in new media companies. Happily married with two children, Mann resides in the New York area.
Sting
P!nk
Tarkan
Esmée Denters
Jessica Simpson
Teddy Geiger
Faces on Film
Backstreet Boys
Joss Stone
Samantha Jade
Ryan Cabrera
Take That
Delta Goodrem
Alesha
Imarobot
Cheyenne Kimball
Josh Groban
Anastacia
Celine Dion
Ricky Martin
Kelly Rowland
Martina McBride
Hall & Oates
Art Garfunkel
Deana Carter
Carole King
Boyzone
Jessica Andrews
Fat Joe
Josh Wink
Tami Rodriguez
Nikki Flores
John Paul White
Saturday, August 18, 2007
Friday, August 17, 2007
Bread - Pasta - Cheese - Rice Sauces - Soups - Desserts Herbs and spices Other ingredients
The cuisine of Bangladesh has considerable regional variations.
A staple across the country however is rice and various kinds of lentil, which is locally known as dal (sometimes written as daal). As a large percentage of the land (over 80% on some occasions) can be under water, either intentionally because of farming practices or due to severe climatological, topographical or geographical conditions, not surprisingly fish features as the major source of protein in the Bangladeshi diet. There is also a saying which goes, "Mach-e Batth-e Bangali" (Fish and rice make a Bengali)
Another integral part of Bangladeshi cuisine is beef, the presence of which is a must in most of the feasts and banquets across the country, though consumption of beef is prohibited for minority Hindus. Regional feasts such as Mezbaan of Chittagong, Ziafat of Sylhet/Comilla or Dawat of Dhaka will remain incomplete without serving hot beef.
Staple ingredients and spices
Aloo Bhaji occurs across the region.
Luchi
Shujeer Halwa, a sweet from across the region.
Regional specialties
There are several styles of Bangladeshi bread, including Luchi, chapati and paratha
Torkari
Biryani
Other famous Bangladeshi dishes
Peetha
Gulab jamun
Rasgulla
Pheerni
Kheer
Halwa
Bangladeshi food abroad
Bengali cuisine - for information on the cuisine of West Bengal, India.
Indian cuisine
Wikibook's Cuisine of India
Cuisine
Paan
Thursday, August 16, 2007
Designing a personal, user-friendly password
In controlling access to anything, trade-offs are made between security and convenience. If a resource is protected by a password, then security is increased with a consequent loss of convenience for users. The amount of security and inconvenience inherent in a particular password system or policy are affected by several factors addressed below. However, there is generally no one universal 'best' way to set a balance between security and convenience for all cases.
Some password protected systems pose little or no risk to a user if compromised, for example a password allowing access to a free information web site with no confidential data. Others pose modest economic or privacy risk, as for instance a password used to access e-mail or a security lock code for a mobile telephone. Still others could have very serious consequences if compromised, such as passwords used to limit access to AIDS treatment records, control a power transmission grid, or access to personnel records (consider the risk of identity theft in this instance).
Security and convenience
The security of a password-protected system depends on several factors. The system must, of course, be designed for sound overall security, without which no password protection can have any significance. Early passwords on many systems were limited to a few numbers, or upper-case letters only, often in prescribed patterns limiting the number of possible passwords. Most passwords today usually have fewer such limits. User input is determined by several limiting factors: allowable inputs (numbers / letters, non-visual codes and/or other keys / device inputs), minimum and maximum time required for input, availability of cut / delete / paste / copy for input, and tolerance of errors or noise in the password or communications input. Some system administrators also enforce other limitations on passwords, such as compulsory change schedules, safe-password analysis feedback, and compulsory length / composition limits. See computer security and computer insecurity.
Here are some password management issues that must be considered:
Factors in the security of a password system
The rate at which an attacker can submit guessed passwords to the system is a key factor in determining system security. Some systems impose a long time out (several seconds) after a small number (e.g., a maximum of three) of failed password entry attempts. Absent other vulnerabilities, such systems can be secure with relatively simple passwords, if they are not easily guessed. Examples of passwords that are easily guessed include the name of a relative or pet, an automobile license plate number, and such default passwords as admin, 123456, or letmein. [1]
Other systems store or transmit a cryptographic hash of the password in a manner that makes the hash value accessible to an attacker. When this is done, and it is very common (to most observers' surprise or despair), an attacker can work off-line, rapidly testing candidate passwords against the true password's hash value.
Lists of common passwords are widely available and can further speed the process. (See Password cracking.) A sufficiently complex password used in a system with a good hash algorithm can defeat such attacks as the work factor imposed on such an attacker can be made impossible in practice. Passwords that are used to generate cryptographic keys, e.g. for disk encryption or Wi-Fi security, are also subject to high rate guessing. Stronger passwords are needed in such systems.
Rate at which an attacker can try out guessed passwords
Some computer systems store passwords, against which to compare user attempts, as cleartext. If an attacker gains access to such an internal password file, all passwords would be compromised. If some users employ the same password for multiple accounts, those will be compromised as well. More secure systems store each password in a cryptographically protected form, so access to the actual password will be difficult for a snooper who gains internal access to the system, while validation still remains possible.
Email is sometimes used to distribute passwords. Since most email is sent as cleartext, it is available without effort during transport to any eavesdropper. Further, it will be stored on at least two computers as cleartext -- the sender's and the recipient's. If it passes through intermediate systems during its travels, it will likely be stored on those as well. Emailed passwords are generally an insecure method of distribution.
A common cryptographically based scheme stores only a "hashed" form of the plaintext password. When a user types in a password on such a system, it is run through the hashing algorithm, and if the hash value generated from the user's entry matches the hash stored in the password database, the user is permitted access. The hash value is created by applying a cryptographic hash function to a string consisting of the submitted password and, usually, another value known as a salt. The salt prevents attackers from building a list of hash values for common passwords. MD5 and SHA1 are frequently used cryptographic hash functions. A modified version of DES was used in early Unix systems.
The UNIX DES function was iterated to make the hash function slow, to further frustrate automated guessing attacks, and used the password candidate as a key to encrypt a fixed value, thus blocking yet another attack on the password hashing system. A more flexible function for iterated hashed passwords is described in PKCS-5.
If the hash function is well designed, it will be computationally infeasible to reverse it to find the plaintext directly. However, many systems do not protect their hashed passwords adequately, and if an attacker can gain access to hashed values he can use widely available tools which hash every word from some collection, such as a dictionary, and compare the result with the stored values. Long lists of possible passwords in many languages are widely available (e.g., on the Internet) and the tools try common variations as well. The existence of these dictionary attack tools demonstrates the relative strengths of different password choices against such attacks. Use of a key derivation function can reduce this risk.
A poorly designed hash function can make attacks feasible even if a strong password is chosen. See LM hash for a widely deployed example.[2]
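The storage scheme described above, as an added example that is not part of the original article: an unsalted single-pass hash beside a salted, iterated record built with PBKDF2 (the PKCS #5 function), plus an audit helper that shows which stored format matches a precomputed table. The iteration count, record layout and function names are assumptions made for this example; the sample passwords are the easily guessed ones the text lists.

```python
import hashlib
import hmac
import os
from typing import Iterable, Optional

ITERATIONS = 100_000   # assumed work factor for this example; tune to your hardware
SALT_BYTES = 16        # assumed salt length

# Constructed sample data: the default passwords named in the text.
COMMON_PASSWORDS = ["admin", "123456", "letmein"]


def legacy_store(password: str) -> str:
    """Unsalted, single-pass hash: identical passwords give identical values."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def make_record(password: str, salt: Optional[bytes] = None,
                iterations: int = ITERATIONS) -> dict:
    """Salted, iterated record; a fresh random salt is drawn per password."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                  salt, iterations)
    return {"alg": "pbkdf2-sha256", "iterations": iterations,
            "salt": salt.hex(), "hash": derived.hex()}


def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and count, compare in constant time."""
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                  bytes.fromhex(record["salt"]),
                                  record["iterations"])
    return hmac.compare_digest(derived, bytes.fromhex(record["hash"]))


def precomputed_hits(stored_hashes: Iterable[str],
                     wordlist: Iterable[str]) -> int:
    """Audit helper: how many stored values appear in a table that was
    computed once, without any salt, from a list of common passwords."""
    table = {legacy_store(word) for word in wordlist}
    return sum(1 for value in stored_hashes if value in table)


def demo() -> dict:
    # Two accounts that happen to share a password, one that does not.
    accounts = {"alice": "letmein", "bob": "letmein", "carol": "T7#vq-long-unique"}

    legacy = {user: legacy_store(pw) for user, pw in accounts.items()}
    salted = {user: make_record(pw) for user, pw in accounts.items()}

    return {
        # Unsalted: shared passwords are visible as equal stored values.
        "legacy_equal": legacy["alice"] == legacy["bob"],
        # Salted: the same password yields unrelated stored values.
        "salted_equal": salted["alice"]["hash"] == salted["bob"]["hash"],
        # A single precomputed table matches the unsalted store...
        "legacy_hits": precomputed_hits(legacy.values(), COMMON_PASSWORDS),
        # ...but not the salted one, where each guess must be recomputed
        # per salt at the full iteration cost.
        "salted_hits": precomputed_hits(
            (rec["hash"] for rec in salted.values()), COMMON_PASSWORDS),
        "login_ok": verify("letmein", salted["alice"]),
        "login_bad": verify("letmein", salted["carol"]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The salt removes the precomputed-table shortcut and the iteration count slows each remaining guess; neither protects a password that is itself on a common-password list.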
Form of stored passwords
A variety of methods have been used to verify passwords in a network setting:
Methods of verifying a password over a network
Passwords can be vulnerable to interception (i.e., "snooping") while being transmitted to the authenticating machine or person. If the password is carried as electrical signals on unsecured physical wiring between the user access point and the central system controlling the password database, it is subject to snooping by wiretapping methods. If it is carried as packetized data over the Internet, anyone able to watch the packets containing the logon information can snoop with a very low probability of detection.
An example of cleartext transmission of passwords is this website. When you log into your Wikipedia account (if you are not an administrator) your username and password are sent from your computer through the Internet via cleartext. Anyone can read them in transit and potentially log into your account. But because anyone can gain access to the site—without logging in—there is little need to encrypt transmissions.
Another example of transmission vulnerability is email. Emailed passwords may be read by anyone with access to the transmission medium. Using client-side encryption will only protect transmission from the POP server to the client. Previous or subsequent relays of the email will not be protected and the email will be stored on multiple computers in cleartext.
Simple transmission of the password
The risk of interception of passwords sent over the Internet can be reduced by, among other approaches, using the Transport Layer Security (TLS, previously called SSL) feature built into many Internet browsers. Most browsers display a closed lock icon when TLS is in use. See cryptography for other ways in which the passing of information can be made more secure.
Transmission through encrypted channels
Unfortunately, there is a conflict between stored hashed-passwords and hash-based challenge-response authentication; the latter requires a client to prove to a server that he knows what the shared secret (ie, password) is, and to do this, the server must be able to obtain the shared secret from its stored form. On Unix-type systems doing remote authentication, the shared secret usually becomes the hashed form and has the serious limitation of exposing passwords to offline guessing attacks.
Hash-based challenge-response methods
Rather than transmitting the password, password-authenticated key agreement systems can perform a zero-knowledge password proof, which proves knowledge of the password without exposing it.
Moving a step further, augmented systems for password-authenticated key agreement (e.g. AMP, B-SPEKE, PAK-Z, SRP-6) avoid both the conflict and limitation of hash-based methods; An augmented system allows a client to prove knowledge of the password to a server, where the server knows only a (not exactly) hashed password, and where the unhashed password is required to gain access.
Zero-knowledge password proofs
Usually, a system must provide a way to change a password, either because a user believes the current password has been (or might have been) compromised, or as a precautionary measure. If a new password is passed to the system in an unencrypted form, security can be lost (e.g., via wiretapping) even before the new password can even be installed in the password database. If the new password is given to a compromised employee, little is gained. Some web sites include the user-selected password in an unencrypted confirmation e-mail message, with the obvious increased vulnerability.
Identity management systems are increasingly used to automate issuance of replacements for lost passwords, a feature called self service password reset. The user's identity is verified by asking questions and comparing the answers to ones previously stored (ie, at account initialization). Typical questions include "Where were you born?," "What is your favorite movie?" or "What is the name of your pet?" In many cases the answers to these questions can be relatively easily guessed, determined by research, or obtained through social engineering, and so this is less than reliable as a verification technique. While many users have been trained never to reveal a password, few consider the name of their favorite movie to require similar care.
Procedures for changing passwords
"Password aging" is a feature of some operating systems which forces users to change passwords frequently (eg, quarterly, monthly or even more often), thus ensuring that a stolen password will become unusable more or less quickly. Most users are not so familiar with passwords and computers as to be comfortable with this, so such policies usually earn some protest and foot-dragging at best and hostility at worst. These features are therefore not always used. In any case, the security benefits are limited because attackers often exploit a password as soon as it is compromised. In many cases, particularly with administrative or "root" accounts, once an attacker has gained access, he can make alterations to the operating system that will allow him future access even after the initial password he used expires (one example of this is a rootkit).
Forcing password change too frequently may make users more likely to forget which password is current, and there is a consequent temptation for users to either write their password down or to reuse an earlier password, which may negate any added security benefit. Implementing such a policy requires careful consideration of the relevant human factors.
Password longevity
Sometimes a single password controls access to a device, for example, for a network router, or password-protected mobile phone. However, in the case of a computer system, a password is usually stored for each user name, thus making all access traceable (save, of course, in the case of users sharing passwords). A would-be user must give a name as well as a password. If the user supplies a password matching the one stored for the supplied user name, he or she is permitted further access into the computer system. This is also the case for a cash machine, except that the user name is the account number stored on the bank customer's card, and the PIN is usually quite short (4 to 6 digits).
Allotting separate passwords to each user of a system is preferable to having a single password shared by legitimate users of the system, certainly from a security viewpoint. This is partly because users are more willing to tell another person (who may not be authorized) a shared password than one exclusively for their use. Single passwords are also much less convenient to change because many people need to be told at the same time, and they make removal of a particular user's access more difficult. Per-user passwords are also essential if users are to be held accountable for their activities, such as making financial transactions or viewing medical records.
Number of users per password
Common techniques used to improve the security of software systems protected by a password include:
Some of the more stringent policy enforcement measures can pose a risk of alienating users, possibly decreasing security.
not echoing the password on the display screen as it is being entered or obscuring it as it is typed by using asterisks or circular blobs
allowing passwords of adequate length (some Unix systems limited passwords to 8 characters).
requiring users to re-enter their password after a period of inactivity
enforcing a password policy to ensure strong passwords
requiring periodic password changes
assigning passwords at random
providing an alternative to keyboard entry
using encrypted tunnels or password-authenticated key agreement to prevent network attacks on transmitted passwords Design of the protected software
In controlling access to anything, trade-offs are made between security and convenience. If a resource is protected by a password, then security is increased with a consequent loss of convenience for users. The amount of security and inconvenience inherent in a particular password system or policy are affected by several factors addressed below. However, there is generally no one universal 'best' way to set a balance between security and convenience for all cases.
Some password protected systems pose little or no risk to a user if compromised, for example a password allowing access to a free information web site with no confidential data. Others pose modest economic or privacy risk, as for instance a password used to access e-mail or a security lock code for a mobile telephone. Still others could have very serious consequences if compromised, such as passwords used to limit access to AIDS treatment records, control a power transmission grid, or access to personnel records (consider the risk of identity theft in this instance).
Security and convenience
The security of a password-protected system depends on several factors. The system must, of course, be designed for sound overall security, without which no password protection can have any significance. Early passwords on many systems were limited to a few numbers, or upper-case letters only, often in prescribed patterns limiting the number of possible passwords. Most passwords today have fewer such limits. User input is determined by several limiting factors: allowable inputs (numbers / letters, non-visual codes and/or other keys / device inputs), minimum and maximum time required for input, availability of cut / delete / paste / copy for input, and tolerance of errors or noise in the password or communications input. Some system administrators also enforce other limitations on passwords, such as compulsory change schedules, safe-password analysis feedback, and compulsory length / composition limits. See computer security and computer insecurity.
Here are some password management issues that must be considered:
Factors in the security of a password system
The rate at which an attacker can submit guessed passwords to the system is a key factor in determining system security. Some systems impose a long time out (several seconds) after a small number (e.g., a maximum of three) of failed password entry attempts. Absent other vulnerabilities, such systems can be secure with relatively simple passwords, if they are not easily guessed. Examples of passwords that are easily guessed include the name of a relative or pet, an automobile license plate number, and such default passwords as admin, 123456, or letmein. [1]
Other systems store or transmit a cryptographic hash of the password in a manner that makes the hash value accessible to an attacker. When this is done, and it is very common (to most observers' surprise or despair), an attacker can work off-line, rapidly testing candidate passwords against the true password's hash value.
Lists of common passwords are widely available and can further speed the process. (See Password cracking.) A sufficiently complex password used in a system with a good hash algorithm can defeat such attacks as the work factor imposed on such an attacker can be made impossible in practice. Passwords that are used to generate cryptographic keys, e.g. for disk encryption or Wi-Fi security, are also subject to high rate guessing. Stronger passwords are needed in such systems.
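The time-out after a small number of failed attempts described above can be sketched as follows. This is an added example, not code from the article; the class name, the three-failure limit and the five-second time-out are assumptions chosen to match the figures in the text.

```python
import time
from typing import Callable, Dict, Tuple


class LoginThrottle:
    """Per-account time-out after a small number of consecutive failures."""

    def __init__(self, max_failures: int = 3, lockout_seconds: float = 5.0,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.max_failures = max_failures        # assumed: "a maximum of three"
        self.lockout_seconds = lockout_seconds  # assumed: "several seconds"
        self._clock = clock                     # injectable so it can be tested
        # username -> (consecutive failures, time at which attempts resume)
        self._state: Dict[str, Tuple[int, float]] = {}

    def seconds_until_allowed(self, username: str) -> float:
        _, locked_until = self._state.get(username, (0, 0.0))
        return max(0.0, locked_until - self._clock())

    def attempt(self, username: str, check: Callable[[], bool]) -> str:
        """Run check() only if the account is not timed out.

        Returns "ok", "denied" or "locked". While locked, the guess is not
        evaluated at all, so even a correct guess gains nothing.
        """
        if self.seconds_until_allowed(username) > 0:
            return "locked"
        if check():
            self._state.pop(username, None)  # success clears the counter
            return "ok"
        failures = self._state.get(username, (0, 0.0))[0] + 1
        if failures >= self.max_failures:
            # Start the time-out and begin counting afresh afterwards.
            self._state[username] = (0, self._clock() + self.lockout_seconds)
        else:
            self._state[username] = (failures, 0.0)
        return "denied"

    def max_online_guesses(self, window_seconds: float) -> int:
        """Upper bound on guesses against one account within the window."""
        batches = int(window_seconds // self.lockout_seconds) + 1
        return batches * self.max_failures


if __name__ == "__main__":
    throttle = LoginThrottle()
    # Constructed scenario: three wrong guesses, then an immediate retry.
    for _ in range(3):
        print(throttle.attempt("alice", lambda: False))
    print(throttle.attempt("alice", lambda: True))  # "locked"
    print("guesses per day:", throttle.max_online_guesses(86400))
```

The bound applies only to guesses submitted through the login path; it does nothing once a hash value is available for off-line testing.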
Rate at which an attacker can try out guessed passwords
Some computer systems store passwords, against which to compare user attempts, as cleartext. If an attacker gains access to such an internal password file, all passwords would be compromised. If some users employ the same password for multiple accounts, those will be compromised as well. More secure systems store each password in a cryptographically protected form, so access to the actual password will be difficult for a snooper who gains internal access to the system, while validation still remains possible.
Email is sometimes used to distribute passwords. Since most email is sent as cleartext, it is available without effort during transport to any eavesdropper. Further, it will be stored on at least two computers as cleartext -- the sender's and the recipient's. If it passes through intermediate systems during its travels, it will likely be stored on those as well. Emailed passwords are generally an insecure method of distribution.
A common cryptographically based scheme stores only a "hashed" form of the plaintext password. When a user types in a password on such a system, it is run through the hashing algorithm, and if the hash value generated from the user's entry matches the hash stored in the password database, the user is permitted access. The hash value is created by applying a cryptographic hash function to a string consisting of the submitted password and, usually, another value known as a salt. The salt prevents attackers from building a list of hash values for common passwords. MD5 and SHA1 are frequently used cryptographic hash functions. A modified version of DES was used in early Unix systems.
The UNIX DES function was iterated to make the hash function slow, to further frustrate automated guessing attacks, and used the password candidate as a key to encrypt a fixed value, thus blocking yet another attack on the password hashing system. A more flexible function for iterated hashed passwords is described in PKCS-5.
If the hash function is well designed, it will be computationally infeasible to reverse it to find the plaintext directly. However, many systems do not protect their hashed passwords adequately, and if an attacker can gain access to hashed values he can use widely available tools which compare the encrypted outcome of every word from some collection, such as a dictionary. Long lists of possible passwords in many languages are widely available (e.g., on the Internet) and the tools try common variations as well. The existence of these dictionary attack tools demonstrates the relative strengths of different password choices against such attacks. Use of a key derivation function can reduce this risk.
A poorly designed hash function can make attacks feasible even if a strong password is chosen. See LM hash for a widely deployed example.[2]
Form of stored passwords
A variety of methods have been used to verify passwords in a network setting:
Methods of verifying a password over a network
Passwords can be vulnerable to interception (i.e., "snooping") while being transmitted to the authenticating machine or person. If the password is carried as electrical signals on unsecured physical wiring between the user access point and the central system controlling the password database, it is subject to snooping by wiretapping methods. If it is carried as packetized data over the Internet, anyone able to watch the packets containing the logon information can snoop with a very low probability of detection.
An example of cleartext transmission of passwords is this website. When you log into your Wikipedia account (if you are not an administrator) your username and password are sent from your computer through the Internet via cleartext. Anyone can read them in transit and potentially log into your account. But because anyone can gain access to the site—without logging in—there is little need to encrypt transmissions.
Another example of transmission vulnerability is email. Emailed passwords may be read by anyone with access to the transmission medium. Using client-side encryption will only protect transmission from the POP server to the client. Previous or subsequent relays of the email will not be protected and the email will be stored on multiple computers in cleartext.
Simple transmission of the password
The risk of interception of passwords sent over the Internet can be reduced by, among other approaches, using the Transport Layer Security (TLS, previously called SSL) feature built into many Internet browsers. Most browsers display a closed lock icon when TLS is in use. See cryptography for other ways in which the passing of information can be made more secure.
Transmission through encrypted channels
Unfortunately, there is a conflict between stored hashed passwords and hash-based challenge-response authentication; the latter requires a client to prove to a server that he knows what the shared secret (i.e., the password) is, and to do this, the server must be able to obtain the shared secret from its stored form. On Unix-type systems doing remote authentication, the shared secret usually becomes the hashed form and has the serious limitation of exposing passwords to offline guessing attacks.
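The conflict described above, shown with both sides of a hash-based challenge-response exchange. This is an added example, not code from the article; the message layout, the HMAC construction, the iteration count and all names are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Tuple

STORED_FORM_ITERATIONS = 10_000  # assumed value, kept low so the sketch runs fast


def stored_form(password: str, salt: bytes) -> bytes:
    """The hashed form the server keeps; it doubles as the shared secret."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, STORED_FORM_ITERATIONS)


def response_for_secret(secret: bytes, challenge: bytes) -> bytes:
    """Proof of knowledge of the shared secret for one challenge."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


def client_response(password: str, salt: bytes, challenge: bytes) -> bytes:
    """Client side: rebuild the shared secret from the typed password."""
    return response_for_secret(stored_form(password, salt), challenge)


class ChallengeResponseServer:
    def __init__(self) -> None:
        self.db: Dict[str, Tuple[bytes, bytes]] = {}  # user -> (salt, secret)
        self._pending: Dict[str, bytes] = {}          # user -> open challenge

    def enroll(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.db[user] = (salt, stored_form(password, salt))

    def begin(self, user: str) -> Tuple[bytes, bytes]:
        """Message 1, server to client: the salt and a fresh random challenge."""
        salt, _ = self.db[user]
        challenge = secrets.token_bytes(16)
        self._pending[user] = challenge
        return salt, challenge

    def finish(self, user: str, response: bytes) -> bool:
        """Message 2, client to server: the response. Each challenge is
        single-use, so a recorded response cannot be replayed."""
        challenge = self._pending.pop(user, None)
        if challenge is None:
            return False
        _, secret = self.db[user]
        expected = response_for_secret(secret, challenge)
        return hmac.compare_digest(expected, response)


def transcript_confirms_guess(candidate: str, salt: bytes,
                              challenge: bytes, response: bytes) -> bool:
    """The limitation named in the text: one observed (salt, challenge,
    response) triple is enough to test a candidate password off-line."""
    return hmac.compare_digest(client_response(candidate, salt, challenge),
                               response)


if __name__ == "__main__":
    server = ChallengeResponseServer()
    server.enroll("alice", "correct horse")  # constructed sample account
    salt, challenge = server.begin("alice")
    response = client_response("correct horse", salt, challenge)
    print("login accepted:", server.finish("alice", response))
    print("replay accepted:", server.finish("alice", response))
    # The stored form is the secret: it answers a challenge without the
    # password, so the database needs the same protection as cleartext.
    _, secret = server.db["alice"]
    _, challenge = server.begin("alice")
    print("stored form suffices:",
          server.finish("alice", response_for_secret(secret, challenge)))
```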
Hash-based challenge-response methods
Rather than transmitting the password, password-authenticated key agreement systems can perform a zero-knowledge password proof, which proves knowledge of the password without exposing it.
Moving a step further, augmented systems for password-authenticated key agreement (e.g. AMP, B-SPEKE, PAK-Z, SRP-6) avoid both the conflict and limitation of hash-based methods; an augmented system allows a client to prove knowledge of the password to a server, where the server knows only a (not exactly) hashed password, and where the unhashed password is required to gain access.
Zero-knowledge password proofs
Usually, a system must provide a way to change a password, either because a user believes the current password has been (or might have been) compromised, or as a precautionary measure. If a new password is passed to the system in an unencrypted form, security can be lost (e.g., via wiretapping) even before the new password can even be installed in the password database. If the new password is given to a compromised employee, little is gained. Some web sites include the user-selected password in an unencrypted confirmation e-mail message, with the obvious increased vulnerability.
Identity management systems are increasingly used to automate issuance of replacements for lost passwords, a feature called self-service password reset. The user's identity is verified by asking questions and comparing the answers to ones previously stored (i.e., at account initialization). Typical questions include "Where were you born?," "What is your favorite movie?" or "What is the name of your pet?" In many cases the answers to these questions can be relatively easily guessed, determined by research, or obtained through social engineering, and so this is less than reliable as a verification technique. While many users have been trained never to reveal a password, few consider the name of their favorite movie to require similar care.
Procedures for changing passwords
"Password aging" is a feature of some operating systems which forces users to change passwords frequently (e.g., quarterly, monthly or even more often), thus ensuring that a stolen password will become unusable more or less quickly. Most users are not so familiar with passwords and computers as to be comfortable with this, so such policies usually earn some protest and foot-dragging at best and hostility at worst. These features are therefore not always used. In any case, the security benefits are limited because attackers often exploit a password as soon as it is compromised. In many cases, particularly with administrative or "root" accounts, once an attacker has gained access, he can make alterations to the operating system that will allow him future access even after the initial password he used expires (one example of this is a rootkit).
Forcing password change too frequently may make users more likely to forget which password is current, and there is a consequent temptation for users to either write their password down or to reuse an earlier password, which may negate any added security benefit. Implementing such a policy requires careful consideration of the relevant human factors.
Password longevity
Sometimes a single password controls access to a device, for example, for a network router, or password-protected mobile phone. However, in the case of a computer system, a password is usually stored for each user name, thus making all access traceable (save, of course, in the case of users sharing passwords). A would-be user must give a name as well as a password. If the user supplies a password matching the one stored for the supplied user name, he or she is permitted further access into the computer system. This is also the case for a cash machine, except that the user name is the account number stored on the bank customer's card, and the PIN is usually quite short (4 to 6 digits).
Allotting separate passwords to each user of a system is preferable to having a single password shared by legitimate users of the system, certainly from a security viewpoint. This is partly because users are more willing to tell another person (who may not be authorized) a shared password than one exclusively for their use. Single passwords are also much less convenient to change because many people need to be told at the same time, and they make removal of a particular user's access more difficult. Per-user passwords are also essential if users are to be held accountable for their activities, such as making financial transactions or viewing medical records.
Number of users per password
Common techniques used to improve the security of software systems protected by a password include:
not echoing the password on the display screen as it is being entered or obscuring it as it is typed by using asterisks or circular blobs
allowing passwords of adequate length (some Unix systems limited passwords to 8 characters)
requiring users to re-enter their password after a period of inactivity
enforcing a password policy to ensure strong passwords
requiring periodic password changes
assigning passwords at random
providing an alternative to keyboard entry
using encrypted tunnels or password-authenticated key agreement to prevent network attacks on transmitted passwords
Some of the more stringent policy enforcement measures can pose a risk of alienating users, possibly decreasing security.
Design of the protected software
Main article: Password strength
Factors in the security of an individual password
The numerous ways in which reusable passwords can be compromised have prompted the development of other techniques. Unfortunately, few of them have become universally available for users seeking a more secure alternative.
Graphical passwords are an alternative means of authentication for log-in intended to be used in place of a conventional password; they utilize images instead of text. In many implementations, the user is required to pick from a series of images in the correct sequence in order to gain access.
While some believe that graphical passwords would be harder to crack, others suggest that people will be just as likely to pick common images or sequences as they are to pick common passwords.
Single-use passwords. Having passwords which are only valid once makes many potential attacks ineffective. Most users find single-use passwords extremely inconvenient. They have, however, been widely implemented in personal online banking, where they are known as TANs. As most home users only perform a small number of transactions each week, the single-use issue has not led to significant customer dissatisfaction in this case.
Security tokens are similar to single-use passwords, but the value to be entered is displayed on a small fob and changes every minute or so.
Access controls based on public key cryptography e.g. ssh. The necessary keys are too large to memorize (but see proposal Passmaze) and must be stored on a local computer, security token or portable memory device, such as a flash disk or floppy disk.
Biometric methods promise authentication based on unalterable personal characteristics, but currently (2005) have high error rates and require additional hardware to scan, for example, fingerprints, irises, etc. They have proven easy to spoof in some famous incidents testing commercially available systems and, because these characteristics are unalterable, they cannot be changed if compromised, a highly important consideration in access control as a compromised access token is necessarily insecure.
Single sign-on technology is claimed to eliminate the need for having multiple passwords. Such schemes do not relieve users and administrators from choosing reasonable single passwords, nor system designers or administrators from ensuring that private access control information passed among systems enabling single sign-on is secure against attack. As yet, no satisfactory standard has been developed.
Non-text-based passwords, such as graphical passwords or mouse-movement based passwords.[3] Another system requires users to select a series of faces as a password, utilizing the human brain's ability to recall faces easily.[4]
Alternatives to passwords for access control
Passwords are used on websites to authenticate users and are usually server-side, meaning the browser sends the password to the server (by HTTP POST), the server checks the password and sends back the relevant content (or an access denied message). This process eliminates the possibility of local reverse engineering as the code used to authenticate the password does not reside on the local machine.
The transmission of the password through the browser in plaintext means it can be intercepted along its journey to the server. Most web authentication systems use SSL to establish an encrypted session between the browser and the server. This is done automatically by the browser and ensures integrity of the session.
So-called website password and membership management systems often involve the use of Java or JavaScript code existing on the client side (meaning the visitor's web browser) HTML source code (for example, AuthPro). Drawbacks to such systems are the relative ease in bypassing or circumventing the protection by switching off JavaScript and Meta redirects in the browser, thereby gaining access to the protected web page. Others take advantage of server-side scripting languages such as ASP or PHP to authenticate users on the server before delivering the source code to the browser. Popular systems such as Sentry Login and Password Sentry take advantage of technology in which web pages are protected using such scripting language code snippets placed in front of the HTML code in the web page source saved in the appropriate extension on the server, such as .asp or .php. For additional security, many of the larger websites, such as Yahoo and Google, use the Python programming language for controlling and maintaining secrecy of the pages they dynamically serve to the browser and completely obfuscate any reference to file names in the URL that appears in the address window of the browser.
Website password systems
It is customary to design password-verification systems such that the user cannot see what he/she types: instead of echoing the characters typed, a series of question marks or asterisks is displayed. This may have been a good idea once—in the days of UNIX time-sharing systems, where users talked to a computer via terminals, or in terminals or computers shared by many users, as in libraries, where it is actually possible for someone to look over the user's shoulder—but it has significant disadvantages. Most importantly, if a person makes a typing mistake once, he/she is likely to make it twice, unless he/she can actually see what characters were typed: muscles tend to repeat themselves. In the worst case, this can happen when the user is initially creating a password and is required to type it twice. A person who twice typed a password that is different from the intended one will never be able to use it: this is a common reason for a user to get an "invalid password" error every time he/she tries to log in. Unfortunately, this is a common occurrence, and it is an inevitable result of misguided design principles.
False security
Attempting to crack passwords by trying as many possibilities as time and money permit is a brute force attack. A related method, rather more efficient in most cases, is a dictionary attack. In a dictionary attack, all words in one or more dictionaries are tested.
There are several programs available for password auditing and recovery such as L0phtCrack, John the Ripper, and Cain; some of which use password design vulnerabilities (as in the Microsoft LANManager system) to increase efficiency. Some are useful to system administrators as any password which can be found using one of these programs is most definitely a weak password and should be rejected as an unacceptable password choice.
According to Bruce Schneier, the most commonly used password is password1.
History of passwords
Authentication
Diceware
Keyfile
Passphrase
Password manager
Password policy
Password strength
Password length parameter
Password cracking
Password fatigue
Password-authenticated key agreement
Password notification e-mail
Password synchronization
Pre-shared key
Random password generator
Self-service password reset
The numerous ways in which reusable passwords can be compromised has prompted the development of other techniques. Unfortunately, few of them have become universally available for users seeking a more secure alternative.
Graphical passwords are an alternative means of authentication for log-in intended to be used in place of conventional password; they utilize images instead of text. In many implementations, the user is required to pick from a series of images in the correct sequence in order to gain access.
While some believe that graphical passwords would be harder to crack, others suggest that people will be just as likely to pick common images or sequences as they are to pick common passwords.
Single-use passwords. Having passwords which are only valid once makes many potential attacks ineffective. Most users find single use passwords extremely inconvenient. They have, however, been widely implemented in personal online banking, where they are known as TANs. As most home users only perform a small number of transactions each week, the single use issue has not lead to significant customer dissatisfaction in this case.
Security tokens are similar to single-use passwords, but the value to be entered is displayed on a small fob and changes every minute or so.
Access controls based on public key cryptography e.g. ssh. The necessary keys are too large to memorize (but see proposal Passmaze) and must be stored on a local computer, security token or portable memory device, such as a flash disk or floppy disk.
Biometric methods promise authentication based on unalterable personal characteristics, but currently (2005) have high error rates and require additional hardware to scan, for example, fingerprints, irises, etc. They have proven easy to spoof in some famous incidents testing commercially available systems and, because these characteristics are unalterable, they cannot be changed if compromised, a highly important consideration in access control as a compromised access token is necessarily insecure.
Single sign-on technology is claimed to eliminate the need for having multiple passwords. Such schemes do not relieve user and administrators from choosing reasonable single passwords, nor system designers or administrators from ensuring that private access control information passed among systems enabling single sign-on is secure against attack. As yet, no satisfactory standard has been developed.
Non-text-based passwords, such as graphical passwords or mouse-movement based passwords.[3] Another system requires users to select a series of faces as a password, utilizing the human brain's ability to recall faces easily.[4] Alternatives to passwords for access control
Passwords are used on websites to authenticate users and are usually server-side, meaning the browser sends the password to the server (by HTTP POST), the server checks the password and sends back the relevant content (or an access denied message). This process eliminates the possibility of local reverse engineering as the code used to authenticate the password does not reside on the local machine.
The transmission of the password through the browser in plaintext means it can be intercepted along its journey to the server. Most web authentication systems use SSL to establish an encrypted session between the browser and the server. This is done automatically by the browser and ensures integrity of the session.
So-called website password and membership management systems often involve the use of Java or JavaScript code existing on the client side (meaning the visitor's web browser) HTML source code (for example, AuthPro). Drawbacks to such systems are the relative ease in bypassing or circumventing the protection by switching off JavaScript and Meta redirects in the browser, thereby gaining access to the protected web page. Others take advantage of server-side scripting languages such as ASP or PHP to authenticate users on the server before delivering the source code to the browser. Popular systems such as Sentry Login and Password Sentry take advantage of technology in which web pages are protected using such scripting language code snippets placed in front of the HTML code in the web page source saved in the appropriate extension on the server, such as .asp or .php. For additional security, many of the larger websites, such as Yahoo and Google, use the Python programming language for controlling and maintaining secrecy of the pages they dynamically serve to the browser and completely obfuscate any reference to file names in the URL that appears in the address window of the browser.
Website password systems
It is customary to design password-verification systems such that the user cannot see what he/she types: instead of echoing the characters typed, a series of question marks or asterisks is displayed.This may have been a good idea once—in the days of UNIX time-sharing systems, where users talked to a computer via terminals, or in terminals or computers shared by many users, as in libraries, where it is actually possible for someone to look over the user's shoulder—but it has significant disadvantages. Most importantly, if a person makes a typing mistake once, he/she is likely to make it twice, unless he/she can actually see what characters were typed: muscles tend to repeat themselves. In the worst case, this can happen when the user is initially creating a password and is required to type it twice. A person who twice typed a password that is different from the intended one will never be able to use it: this is a common reason for a user to get an "invalid password" error every time he/she tries to log in. Unfortunately, this a common occurrence, and it is an occurrence that is an inevitable result of misguided design principles.
False security
Attempting to crack passwords by trying as many possibilities as time and money permit is a brute force attack. A related method, rather more efficient in most cases, is a dictionary attack. In a dictionary attack, all words in one or more dictionaries are tested.
There are several programs available for password auditing and recovery, such as L0phtCrack, John the Ripper, and Cain, some of which use password design vulnerabilities (as in the Microsoft LANManager system) to increase efficiency. Some are useful to system administrators, as any password which can be found using one of these programs is most definitely a weak password and should be rejected as an unacceptable password choice.
According to Bruce Schneier, the most commonly used password is password1.
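One way an administrator can apply the rejection rule described above when a password is chosen, as an added example that is not taken from any of the tools named: the candidate is normalised and looked up in a wordlist, so that simple variations such as password1 are refused. The wordlist, the substitution table, the minimum length and the function names are assumptions made for the illustration.

```python
import re

# Constructed sample wordlist; a real deployment would load a large dictionary.
WORDLIST = {"password", "letmein", "dragon", "monkey", "qwerty", "welcome"}

# Common character substitutions, undone before the dictionary lookup.
_SUBSTITUTIONS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})

def _normalised_forms(password):
    """Yield the variants of a password that are compared with the wordlist."""
    lowered = password.lower()
    # Drop digits and punctuation added at either end ("password1", "!dragon!").
    stripped = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", lowered)
    for form in (lowered, stripped):
        yield form
        yield form.translate(_SUBSTITUTIONS)  # "p@ssw0rd" -> "password"
        yield form[::-1]                      # "drowssap" -> "password"

def rejection_reason(password, min_length=10):
    """Return why a password must be refused, or None if it passes these checks."""
    for form in _normalised_forms(password):
        if form in WORDLIST:
            return "derived from dictionary word"
    if len(password) < min_length:
        return f"shorter than {min_length} characters"
    return None
```

Passing these checks does not make a password strong; the lookup only catches the variations listed in `_normalised_forms`.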
History of passwords
Authentication
Diceware
Keyfile
Passphrase
Password manager
Password policy
Password strength
Password length parameter
Password cracking
Password fatigue
Password-authenticated key agreement
Password notification e-mail
Password synchronization
Pre-shared key
Random password generator
Self-service password reset
Wednesday, August 15, 2007
For current information on this topic, see AT&T.
For information on the Bell Operating Company of AT&T that serves the southeastern United States, see BellSouth Telecommunications.
BellSouth Corporation was an American telecommunications holding company based in Atlanta, Georgia. BellSouth was one of the seven original Regional Bell Operating Companies after the U.S. Department of Justice forced the American Telephone & Telegraph Company to divest itself of its regional telephone companies on January 1, 1984.
In a merger announced on March 5, 2006 and executed on December 29, 2006, AT&T Inc. acquired BellSouth for approximately $86 billion (1.325 shares of AT&T for each share of BellSouth) [1]. The combined company retained the name AT&T. The merger consolidated ownership of Cingular Wireless and YELLOWPAGES.COM, both of which were joint ventures between BellSouth and AT&T.
With the merger completed, wireless services previously offered by Cingular Wireless are now offered under the AT&T name. In addition, BellSouth has formally become AT&T South, its Bell Operating Company doing business as AT&T Southeast, and will cease doing business under the BellSouth name late in the second or third quarter of 2007.
BellSouth was the last of the Regional Bell Operating Companies to keep its original corporate name after the 1984 AT&T breakup, as well as the last one to retain the Bell logo. Cincinnati Bell, an independent Bell System franchise not part of the AT&T breakup, continues to actively use the "Bell" name, but dropped the Bell logo from advertising in mid-2006. Verizon still uses the Bell logo on payphones and on the back of Verizon trucks, but not as a main logo. Malheur Bell, a wholly-owned, but separately-operated subsidiary of Qwest Corporation, continues to use the logo, and is now the last former-AT&T entity to continue to use the Bell logo.
BellSouth also operated in the Australian and New Zealand market. BellSouth operated in New Zealand under the name of BellSouth New Zealand Limited from 1993 until 1998 when it was purchased by Vodafone. It competed against Telecom New Zealand. Its operations in Australia were under the name of BellSouth Australia Pty Limited.
Alleged NSA cooperation
BellSouth Telecommunications
Cingular Wireless
Tuesday, August 14, 2007
Delmar Wesley Crandall (born March 5, 1930 in Ontario, California) is a former catcher and manager in Major League Baseball who played most of his career with the Boston & Milwaukee Braves. Considered one of the National League's top catchers during the 1950s and early 1960s, he led the league in assists a record-tying six times and in fielding percentage four times, winning four of the first five Gold Glove Awards given to an NL catcher, and tied another record by catching three no-hitters. He retired with the fourth most home runs by an NL catcher, and his career .404 slugging average also placed him among the league's top ten receivers. He ended his career among the major league career leaders in putouts (4th, 7352), total chances (8th, 8200) and fielding percentage (5th, .989) behind the plate, and ranked fourth in NL history in games caught.
Crandall was only 19 when he first played in a major league game, with the 1949 Boston Braves. He appeared in 146 games for Boston in 1949-50 before entering military service during the Korean War. When his two-year hitch was over in March 1953, the Braves departed Boston for Milwaukee, where – benefiting from a powerful offense featuring Hank Aaron, Eddie Mathews and Joe Adcock – they soon became both successful on the field and phenomenally popular off it. Crandall seized the regular catcher's job in 1953 and held it for eight years, handling star Braves pitchers such as lefthander Warren Spahn and righthanders Lew Burdette, who died in 2007, and Bob Buhl, who died 2 days before Eddie Mathews in 2001 and was cremated. The Braves won NL pennants in 1957 and 1958, also finishing in second place five times between 1953 and 1960, and captured the 1957 World Series championship – the franchise's first title since 1914; though he only batted .211 in the 1957 Series against the New York Yankees, Crandall had a solo home run for the Braves' last tally in a 5-0 win in the deciding Game 7. Though rarely among the league leaders in offensive categories, he finished 10th in the 1958 MVP voting after hitting .272, tying his best mark to that point, with career highs in doubles and walks; he also led the league in putouts, assists and fielding average, and won his first Gold Glove. In the 1958 World Series, again against the Yankees, he hit .240; he slugged another Game 7 solo homer, tying the score 2-2 in the 6th inning, though the Yankees went on to score four more runs to win the game and the Series. Crandall was a superb defensive player with a strong arm; he was selected as an All-Star eight times: 1953-1956, 1958-1960, 1962. A powerful right-handed hitter, he topped the 20 home run mark three times.
After having caught Jim Wilson's no-hitter on June 12, 1954, he added another pair in 1960 – by Burdette on August 18, and by Spahn a month later on September 16; amazingly, all three were against the Philadelphia Phillies.
Crandall averaged 125 games caught during the peak of his career, and he paid the price, missing most of the 1961 season due to shoulder trouble, which gave Joe Torre his opportunity to break in. While Crandall did come back to catch 90 games in 1962 - hitting a career-high .297, making his final NL All-Star squad and winning his last Gold Glove - he was soon replaced by Torre as the Braves' regular catcher. In 1962 he also moved ahead of Roy Campanella, setting the NL record for career fielding percentage; however, Johnny Roseboro would edge ahead of him before his career ended. After 1963, he was traded by the Braves to the San Francisco Giants in a seven-player deal; he played a backup role in his final three major league seasons with the Giants (1964), Pittsburgh Pirates (1965), and Cleveland Indians (1966). In 1,573 games over 16 seasons, he finished with a batting average of .254 with 179 home runs; his 175 HRs in the NL trailed only Campanella (242), Gabby Hartnett (236) and Ernie Lombardi (190) among the league's catchers. His 1430 games caught in the NL trailed only Al Lopez, Hartnett and Lombardi.
Crandall eventually turned to managing, and piloted two American League clubs, the Milwaukee Brewers (1972-75) and the Seattle Mariners (1983-84). In each case he was hired to try to right a losing team in mid-season, but he never enjoyed a winning campaign with either team and finished with a managing record of 364-469 (.437). In between those AL stints, he was a highly successful manager of the Los Angeles Dodgers' top farm club, the Albuquerque Dukes of the AAA Pacific Coast League, and he remained in the Dodger organization as a special catching instructor well into his 60s. He also worked as a broadcaster with the Chicago White Sox in 1985 and with the Brewers from 1992-94.
Crandall appeared on the cover of Sports Illustrated twice: Once by himself, and once with a group of other players.
A Pop-Punk band from Connecticut named itself "The Del Crandalls" after him; they sent their namesake a tape and a flyer promoting one of their shows, and Crandall sent his approval.