frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Otsuka posts phase 3B ADHD trial win ahead of looming FDA approval decision

https://www.fiercebiotech.com/biotech/otsuka-posts-phase-3b-adhd-trial-win-ahead-looming-fda-appr...
1•rguiscard•43s ago•0 comments

Underwater Suit-Wearing Cyborg Insect Capable of Hours-Long Divingl

https://www.nature.com/articles/s41467-026-74235-1
1•UltraSane•1m ago•0 comments

U.S. murder rate approaches a record low

https://www.npr.org/2026/06/30/nx-s1-5866810/us-murder-rate-record-low-crime-homicide
1•toomuchtodo•3m ago•0 comments

Claude Fable 5 available globally tomorrow

https://twitter.com/anthropicai/status/2072163884430229756
2•jitl•8m ago•0 comments

Ask HN: If governments keep restricting frontier AI, what happens next?

1•akashwadhwani35•9m ago•0 comments

The Oracle Problem

https://pilgrima.ge/p/the-oracle-problem
2•paulpauper•11m ago•0 comments

Is Claude's Constitution Aligned with Planetary Flourishing?

https://cathalharte.ch/essay-is-claudes-constitution-aligned-with-planetary-flourishing.html
1•paulpauper•12m ago•0 comments

Scientists discover unexpected way to make pancreatic cancer cells self-destruct

https://www.sciencedaily.com/releases/2026/06/260622091512.htm
1•jonbaer•12m ago•0 comments

Tracing Codex's 640TB-a-year SQLite writes

https://querydoctor.com/blog/tracing-codexs-640tb-year-sqlite-writes
1•thunderbong•12m ago•0 comments

Syncpen: A Markdown writing app your AI can write in (Claude, Cursor, Cowork)

https://www.syncpen.io/
1•airbuzz•13m ago•0 comments

WhatsApp Coding – Managing Google Antigravity 2.0 via a mobile chat proxy

https://github.com/rajibbora1965/WhatsAppCoding
1•rajibbora•15m ago•0 comments

Modular Cognitive Architecture Emerges in Large Language Models

https://pengrui-han.github.io/LLM_Modularity_Page/
1•pulisse•16m ago•0 comments

BullRun – free global stock screener with an MCP server

https://bull-run.org/
1•ferinator•17m ago•1 comments

Firms that adopt AI grow headcount 10% over the two years following adoption

https://ramp.com/data/ai-jobs-impact
2•nreece•20m ago•0 comments

What ORMs have taught me: just learn SQL (2014)

https://wozniak.ca/blog/2014/08/03/1/index.html
1•ciconia•20m ago•0 comments

Why do teams keep losing context, and why hasn't any tool fixed it?

1•rihabzt•22m ago•0 comments

Trump's second-term windfall: $1.4B

https://www.politico.com/news/2026/06/30/trump-crypto-windfall-disclosures-00983207
1•Alien1Being•22m ago•0 comments

Vektor Slipstream v1.7.4: Effort Control and Real Memory Search

https://medium.com/@vektormemory/vektor-slipstream-v1-7-4-effort-control-real-memory-search-e62d4...
1•vektormemory•24m ago•0 comments

The Virtual Drug That Created Fortnite

https://comuniq.xyz/post?t=1339
2•01-_-•32m ago•0 comments

Chinese tech makes desalinating seawater cheaper than producing bottled water

https://www.scmp.com/news/china/science/article/3358699/chinese-tech-makes-desalinating-seawater-...
3•01-_-•33m ago•1 comments

IBM claims first sub-1 nanometer chip technology

https://arstechnica.com/gadgets/2026/06/ibm-claims-worlds-first-sub-1-nanometer-chip-technology/
1•surprisetalk•37m ago•0 comments

A new Plaza Accord for global currencies wouldn't work

https://www.economist.com/finance-and-economics/2026/06/30/a-new-plaza-accord-for-global-currenci...
1•petethomas•40m ago•0 comments

Ireland is big tech's lapdog – and that compromises its EU presidency

https://www.theguardian.com/commentisfree/2026/jun/30/ireland-big-tech-lapdog-eu-presidency-digit...
3•TMWNN•40m ago•0 comments

Single header Parser Combinators for C

https://github.com/steve-chavez/CParseC
2•steve-chavez•41m ago•0 comments

The fat cats of state government

https://scottvanvoorhis.substack.com/p/serving-the-public-or-serving-themselves
2•sbvanvoorhis•46m ago•0 comments

Vinton Cerf Is Retiring from Google

https://techcrunch.com/2026/06/30/the-father-of-the-internet-is-finally-retiring/
3•coloneltcb•49m ago•0 comments

Leash: Browser Without URL Bar

https://www.leash.ax
1•bergie•52m ago•0 comments

Russia's plan to drill in Arctic revives controversial theory of 'endless oil'

https://www.science.org/content/article/russia-s-plan-drill-superdeep-holes-arctic-revives-contro...
4•Tomte•53m ago•0 comments

Private equity fund investors turn to debt-like deals in downturn

https://www.ft.com/content/4675b8bb-4047-458a-be01-90c2aff29219
2•petethomas•54m ago•3 comments

Trump reports over $1.4B in income from crypto ventures

https://www.reuters.com/world/us/trump-reports-more-than-14-billion-income-crypto-ventures-2026-0...
13•kaycebasques•55m ago•3 comments