frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

How America's Wealth Distribution Has Changed Since 1989

https://www.visualcapitalist.com/americas-wealth-distribution-1989-2025/
1•theanonymousone•2m ago•1 comments

We built a Rust EDR. macOS notarization tried to kill it

https://www.nemesislabs.xyz/
1•davidobi023•3m ago•0 comments

Wall clock is the wrong metric

https://www.anantjain.xyz/posts/wall-clock-is-the-wrong-metric
1•anant90•3m ago•0 comments

A battery 'hacking' app can strand an e-rickshaw – and the risks it poses

https://indianexpress.com/article/explained/explained-sci-tech/bms-apps-e-rickshaw-battery-hack-g...
1•Abishek_Muthian•5m ago•0 comments

Ancient Denisovan DNA is still shaping human immunity today (Science Daily)

https://www.sciencedaily.com/releases/2026/06/260613034210.htm
1•indynz•11m ago•0 comments

Show HN: ChatGPT, Claude and Codex-style chat inputs in one React component

https://prompt-area.com/styles
1•kachar•13m ago•0 comments

Malleating Git commit signatures

https://iter.ca/post/git-malleate/
1•smitop•13m ago•0 comments

Real 3D Minecraft on the GameBoy [video]

https://www.youtube.com/watch?v=2hwYoG96GQQ
1•zetamax•13m ago•0 comments

ForkMind – Git for LLM context: branch, offload, and restore it

https://github.com/Medhovarsh/forkmind
1•medhovarsh•14m ago•0 comments

Smolbren: Local search for your Markdown vaults

https://github.com/junaidrahim/smolbren
2•handfuloflight•17m ago•0 comments

Reminder Email to yourself with voice option

https://remindmyemail.com/
1•texasjosh•20m ago•1 comments

Chorus: A fast, single-writer write-ahead log on Google Cloud Storage

https://github.com/rockwotj/chorus
1•handfuloflight•21m ago•0 comments

Luteolin, an antioxidant, may contribute to prevention of hair graying (2025)

https://medicalxpress.com/news/2025-02-luteolin-antioxidant-vegetables-contribute-hair.html
2•OutOfHere•22m ago•0 comments

Code trails: A new way to understand software

https://app.principal-ade.com/
1•thunderbong•28m ago•0 comments

Egg producers will pay $3.3M and donate 53M eggs to settle price-fixing

https://apnews.com/article/egg-prices-collusion-settlement-d32b05892541613df3f4e4932109ee0c
3•SilverElfin•30m ago•1 comments

The Taste Gap(2014)

https://www.themarginalian.org/2014/01/29/ira-glass-success-daniel-sax/
1•o4c•30m ago•0 comments

Did You Mean: Recursion

https://www.google.com/search?sca_esv=01006499c0c391e8&sxsrf=APpeQnuafTsQxwAyVUUvNK-FJhxgKP-UEA:1...
1•bear_with_me•37m ago•0 comments

AI has taken over the stock market. The bond market is next

https://www.economist.com/finance-and-economics/2026/07/07/ai-has-taken-over-the-stock-market-the...
4•petethomas•38m ago•0 comments

Fable 5 Access Extended Through July 12

https://xcancel.com/claudeai/status/2074548242386178258
2•etothet•40m ago•2 comments

Meta expands generative AI tools with Muse Image rollout

https://www.reuters.com/technology/meta-expands-generative-ai-tools-with-muse-image-rollout-2026-...
1•adithyaharish•45m ago•0 comments

O-ring theory of economic development

https://en.wikipedia.org/wiki/O-ring_theory_of_economic_development
2•o4c•45m ago•0 comments

TackNote

https://tacknote.app/
3•TackNote•47m ago•0 comments

Convert ANY web page into a Sticky Note with my FREE Chrome extension

https://chromewebstore.google.com/detail/sticky-note-web-clipper-—/gniilbpapgommpalikcclpcnbcam...
2•taskloco_nyc•47m ago•0 comments

A fast, decentralized web crawler, indexer, and search engine in one Rust binary

https://splch.github.io/mycel/
3•splch•50m ago•0 comments

Is The Economist Always Wrong?

https://www.economist.com/interactive/finance-and-economics/2026/07/02/is-the-economist-always-wrong
25•nreece•54m ago•5 comments

Micro Stirling Mechanical Cryo-Cooler Teardown by Fraser(2023)

https://www.eevblog.com/forum/thermal-imaging/micro-stirling-mechanical-cryo-cooler-teardown-by-f...
2•pillars•54m ago•0 comments

Ask HN: Best Podcasts of 2026 [So Far]

4•AbstractH24•57m ago•0 comments

What if users start cloning SaaS using AI

2•mzubairtahir•58m ago•2 comments

Defending OpenClaw against indirect prompt injection

https://compsec.snu.ac.kr/blog/dualview
7•b2y•59m ago•0 comments

The Answer Citation Protocol (ACP)

https://ericstrate.com/the-answer-citation-protocol-acp-optimizing-web-architecture-for-token-eff...
2•ericstrate•1h ago•0 comments