Falling off this list from last time was #10 Solitaire Caesar, #9 Agricola: Master of Britain (which was actually replaced by another game in that same series from the same publisher), #8 Attack of the 50 Foot Colossi! (which was a really hard removal because that game is pretty fun and interesting), #6 Field Commander: Alexander, #5 Castle Itter (this one hurt to remove but it was replaced by another game in the same series) and #4 Nightfighter Ace. Some of the other games that remained on the list have moved around a bit as other games have entered the list that were ranked higher.
The States of Siege Series of solitaire games is either beloved or hated by those who play it! Some find it boring and rote while others enjoy the structure that the tracks give you and the predictability in actions you can take to avoid the effects of the pressure coming at you. I love the system and enjoy the narrative it creates with the cool historically based event cards used as well as the interesting choices that are presented to the player with the unique period specific aspects of the subject being covered.
D-Day at Tarawa is a solitaire war game published by Decision Games that is a follow up to D-Day at Omaha Beach designed by John H. Butterfield. The game is a look at the 4 day campaign during World War II spanning November 20-23, 1943 over the control of the islet of Batio located in the Tarawa Atoll. The game covers the operations of the US 2nd Marine and 27th Infantry Divisions in their attempt to clear the islet which is defended by nearly 5,000 hardened and dug-in Japanese troops.
A few years ago, I discovered a great solitaire game called The Wars of Marcus Aurelius from Hollandspiele that dealt with the Romans attempting to pacify Barbarian hordes from the north in the Danube provinces during the Marcomannic Wars in 170-180 AD. Now the designer has taken that system and applied it to another period in Roman history when the Goths and Vandals, as well as a pretender named Constantine, were assaulting Rome itself and one man was asked to defend her from her enemies. Flavius Stilicho was a high-ranking general who rose from humble beginnings to become one of the most powerful men in the Western Roman Empire. After many years of victories against a number of enemies, both barbarian and Roman, a series of political and military disasters finally allowed his enemies in the court of Honorius to remove him from power, culminating in his arrest and subsequent execution in 408 AD. In Stilicho: Last of the Romans the player must survive these attacks from enemies both external and internal and quell all three advancing enemies.
I love a really hard and involved solitaire wargame and I found a really good one in Jeff Davis: The Confederacy at War. The game is designed by Charles S. Roberts Award-winner R. Ben Madison and he does a great job with his games. The player takes on the role of President Jefferson Davis, and you have to manage the Confederate government and the Southern war effort during the American Civil War. The choices help determine the fate of armies and the struggle between Lee and Grant. The game uses the States of Siege Series model with a central point being defended from advancing forces on 5 different tracks.
If you like a good solitaire game, with great components, that plays in about an hour and is very challenging (code for hard to win), then this one is for you. I fully endorse this game and give it my highest marks for a solo experience.
In 2019, the United Kingdom's NCSC analysed public databases of breached accounts to see which words, phrases and strings people used. The most popular password on the list was 123456, appearing in more than 23 million passwords. The second-most popular string, 123456789, was not much harder to crack, while the top five included "qwerty", "password" and 1111111.
Systems that use passwords for authentication must have some way to check any password entered to gain access. If the valid passwords are simply stored in a system file or database, an attacker who gains sufficient access to the system will obtain all user passwords, giving the attacker access to all accounts on the attacked system and possibly other systems where users employ the same or similar passwords. One way to reduce this risk is to store only a cryptographic hash of each password instead of the password itself. Standard cryptographic hashes, such as the Secure Hash Algorithm (SHA) series, are very hard to reverse, so an attacker who gets hold of the hash value cannot directly recover the password. However, knowledge of the hash value lets the attacker quickly test guesses offline. Password cracking programs are widely available that will test a large number of trial passwords against a purloined cryptographic hash.
Improvements in computing technology keep increasing the rate at which guessed passwords can be tested. For example, in 2010, the Georgia Tech Research Institute developed a method of using GPGPU to crack passwords much faster. Elcomsoft invented the usage of common graphic cards for quicker password recovery in August 2007 and soon filed a corresponding patent in the US. By 2011, commercial products were available that claimed the ability to test up to 112,000 passwords per second on a standard desktop computer, using a high-end graphics processor for that time. Such a device will crack a six-letter single-case password in one day. Note that the work can be distributed over many computers for an additional speedup proportional to the number of available computers with comparable GPUs. Special key stretching hashes are available that take a relatively long time to compute, reducing the rate at which guessing can take place. Although it is considered best practice to use key stretching, many common systems do not.
The upper end is related to the stringent requirements of choosing keys used in encryption. In 1999, an Electronic Frontier Foundation project broke 56-bit DES encryption in less than a day using specially designed hardware. In 2002, distributed.net cracked a 64-bit key in 4 years, 9 months, and 23 days. As of October 12, 2011, distributed.net estimates that cracking a 72-bit key using current hardware will take about 45,579 days or 124.8 years. Due to currently understood limitations from fundamental physics, there is no expectation that any digital computer (or combination) will be capable of breaking 256-bit encryption via a brute-force attack. Whether or not quantum computers will be able to do so in practice is still unknown, though theoretical analysis suggests such possibilities.
In December, 2012, William Cheswick wrote an article published in ACM magazine that included the mathematical possibilities of how easy or difficult it would be to break passwords that are constructed using the commonly recommended, and sometimes followed, standards of today. In his article, William showed that a standard eight character alpha-numeric password could withstand a brute force attack of ten million attempts per second, and remain unbroken for 252 days. Ten million attempts each second is the acceptable rate of attempts using a multi-core system that most users would have access to. A much greater degree of attempts, at the rate of 7 billion per second, could also be achieved when using modern GPUs. At this rate, the same 8 character full alpha-numeric password could be broken in approximately 0.36 days (i.e. 9 hours). Increasing the password complexity to a 13 character full alpha-numeric password increases the time needed to crack it to more than 900,000 years at 7 billion attempts per second. This is, of course, assuming the password does not use a common word that a dictionary attack could break much sooner. Using a password of this strength reduces the obligation to change it as often as many organizations require, including the U.S. Government, as it could not be reasonably broken in such a short period of time.
Previous password policies used to prescribe the characters which passwords must contain, such as numbers, symbols or upper/lower case. While this is still in use, it has been debunked as less secure by university research, by the original instigator of this policy, and by the cyber security departments (and other related government security bodies) of USA and UK. Password complexity rules of enforced symbols were previously used by major platforms such as Google and Facebook, but these have removed the requirement following the discovery they actually reduced security. This is because the human element is a far greater risk than cracking, and enforced complexity leads most users to highly predictable patterns (number at end, swap 3 for E etc.) which actually helps crack passwords. So password simplicity and length (passphrases) are the new best practice and complexity is discouraged. Forced complexity rules also increase support costs, user friction and discourage user signups.
The hardest passwords to crack, for a given length and character set, are random character strings; if long enough they resist brute force attacks (because there are many characters) and guessing attacks (due to high entropy). However, such passwords are typically the hardest to remember. The imposition of a requirement for such passwords in a password policy may encourage users to write them down, store them in mobile devices, or share them with others as a safeguard against memory failure. While some people consider each of these user resorts to increase security risks, others suggest the absurdity of expecting users to remember distinct complex passwords for each of the dozens of accounts they access. For example, in 2005, security expert Bruce Schneier recommended writing down one's password:
Mahjong or mah-jongg (English pronunciation: /mɑːˈdʒɒŋ/ mah-JONG) is a tile-based game that was developed in the 19th century in China and has spread throughout the world since the early 20th century. It is commonly played by four players (with some three-player variations found in parts of China, Japan, South Korea and Southeast Asia). The game and its regional variants are widely played throughout East and Southeast Asia and have also become popular in Western countries. The game has also been adapted into a widespread online entertainment. Similar to the Western card game rummy, mahjong is a game of skill, strategy, and luck. To distinguish it from mahjong solitaire, it is sometimes referred to as mahjong rummy. 2b1af7f3a8