frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

MS Coin – A Layer-1 Privacy Protocol Built in Pure Rust

https://mscoin.network/
1•shaketank•1m ago•0 comments

Punch Card Wreath

https://princessleia.com/journal/2021/10/punch-card-wreath/
1•debo_•1m ago•0 comments

Show HN: Identity Layer for Agents and Autonomous AI

https://github.com/authsec-ai/authsec-ai
1•azifali•1m ago•0 comments

Carmakers Say They'll Leave CA over New Car Privacy Law [video][12 Mins]

https://www.youtube.com/watch?v=i1_8Lj6El8M
1•Bender•5m ago•0 comments

The Hrsi

1•bayesnet•6m ago•0 comments

Thinking in Ecosystems: From Climate to Planetary Resilience Tech

https://yanirseroussi.com/2026/06/29/thinking-in-ecosystems-from-climate-to-planetary-resilience-...
2•yanir•21m ago•0 comments

Computational Balloon Twisting: The Theory of Balloon Polyhedra [pdf]

https://cccg.ca/proceedings/2008/paper34full.pdf
2•luu•22m ago•0 comments

What Is SLAM? A short-and-sweet explainer

https://www.aptiv.com/en/insights/article/what-is-slam
2•ohjeez•25m ago•0 comments

Beta SDKs for the 2026-07-28 MCP Spec Release Candidate Are Here

https://blog.modelcontextprotocol.io/posts/sdk-betas-2026-07-28/
2•BrianPeek•28m ago•0 comments

WyrmRSS: A modern RSS reader and aggregator

https://github.com/kryoseu/WyrmRSS
2•kryoseu•28m ago•1 comments

FOMO Is the Cyberpsychosis of the AI Era

https://blog.akring.com/posts/fomo-is-the-cyberpsychosis-of-the-ai-era/
2•__natty__•29m ago•0 comments

Lake Powell Is Already Dead. They Just Won't Admit It. [video][22 Mins]

https://www.youtube.com/watch?v=wbdaSdrxUao
4•Bender•32m ago•0 comments

CyberWatch – Cybersecurity news and learning for everyone

https://cyberwatch-fc59b5.netlify.app/
2•KrishnaBozza•33m ago•1 comments

Paranoia: An automatic chaos engineering tool for Spring

https://github.com/MartinesEmanuel/ParanoiaEngine
2•SchwKatze•34m ago•0 comments

Will humans one day talk to animals? This scientist is bringing us closer

https://www.yahoo.com/news/science/articles/humans-one-day-talk-animals-200000105.html
2•gmays•36m ago•1 comments

Adding Features Without Interrupting Network Connections

https://blog.exe.dev/adding-features-without-interrupting-network-connections
2•anitil•37m ago•1 comments

How sound art is repurposing Philly's Village of Industry and Art

https://design-milk.com/historic-philadelphia-building-public-sound-installation/
2•whiteblossom•38m ago•0 comments

Ask HN: Line by Line Agentic Coding

5•notshore•41m ago•4 comments

You can get Unicode working on DOS

https://twitter.com/i/status/2071469740141224272
4•vkaku•41m ago•2 comments

Unaccountable Systems

https://whynothugo.nl/journal/2025/09/12/unaccountable-systems/
2•foxfired•42m ago•0 comments

What happened to BitTorrent's Project Maelstrom web browser?

https://www.ctrl.blog/entry/bittorrent-maelstrom.html
3•ValdikSS•43m ago•0 comments

Weak hands and blurry vision: Is your tech giving you 'phone body'?

https://www.bbc.com/future/article/20260630-is-your-tech-giving-you-phone-body
2•dabinat•44m ago•0 comments

Show HN: Toolnexus for Python – MCP, agent skills,a2a for any LLM

https://pypi.org/project/toolnexus/
2•muthuishere•49m ago•0 comments

Oracle outlines all the ways it could lose the farm it bet on AI

https://www.theregister.com/ai-and-ml/2026/07/01/oracle-outlines-all-the-ways-it-could-lose-the-f...
2•Bender•51m ago•0 comments

I'm opening VSCode less and less every day

3•othmanosx•52m ago•0 comments

Show HN: Banto – Turn any topic into a live game room in minutes

https://banto.tv
2•douglaspham•54m ago•0 comments

Red teamers turned Claude Desktop into a double agent to do their evil bidding

https://www.theregister.com/security/2026/07/01/red-teamers-turned-claude-desktop-into-a-double-a...
2•Bender•56m ago•0 comments

Filtering music and speech in YouTube videos to isolate the car engine audio

https://adamsohn.com/separate/
2•dataviz1000•56m ago•0 comments

Russia approved secret China military training at top level, sources say

https://www.reuters.com/business/aerospace-defense/russia-approved-secret-china-military-training...
10•cwwc•59m ago•0 comments

Healthy but Sedentary People Show Early Decline in Cellular Energy Production

https://news.cuanschutz.edu/news-stories/healthy-but-sedentary-individuals-show-early-decline-in-...
19•littlexsparkee•1h ago•11 comments