frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Show HN: AI math chat that knows your notes, connecting you to human experts

https://www.prooftree.ai
1•lemma1729•25s ago•0 comments

Brave Place Search API: The Google Maps Alternative That Costs 6–7x Less

https://brave.com/blog/place-search-improved/
1•dotcoma•1m ago•0 comments

Two concerns I have with AI right now

1•ramoz•1m ago•0 comments

Ask HN: Any Quantum Computer people who knows how to run a benchmark here?

1•KenographerPrim•2m ago•0 comments

Two teens learn the hard way not to do toy gun drive-bys from a Waymo

https://arstechnica.com/cars/2026/07/two-teens-learn-the-hard-way-not-to-do-toy-gun-drivebys-from...
1•Gedxx•3m ago•0 comments

European countries top 'scorecard' on climate progress while US slips to 27th

https://www.theguardian.com/environment/2026/jul/08/climate-change-crisis-europe-us
1•mitchbob•3m ago•0 comments

Apple dropped plan for encrypting backups after FBI complained (2020)

https://www.reuters.com/article/us-apple-fbi-icloud-exclusive-idUSKBN1ZK1CT/
2•downbad_•3m ago•0 comments

AOLs Instant Messenger was the unsung hero of the early-aughts

https://a.wholelottanothing.org/aols-instant-messenger-was-the-unsung-hero-of-the-early-aughts/
1•gaws•4m ago•0 comments

TypeScript 7

https://devblogs.microsoft.com/typescript/announcing-typescript-7-0/
2•DanRosenwasser•5m ago•0 comments

Show HN: Maps for e-scooters (hills and battery routing)

https://battmap.com
1•thepaulthomson•5m ago•0 comments

Measuring the Trustworthiness of Open-Source-Derived Models

https://cognition.com/blog/measuring-open-source-model-trustworthiness
1•lord_sudo•5m ago•0 comments

FlockCamRE – Reverse Engineering of Flock Cameras

https://github.com/kernelstub/FlockCamRE
1•denysvitali•6m ago•0 comments

Show HN: Aerohud – Grid Overview for AeroSpace (macOS)

https://github.com/nikhilmwarrier/aerohud
1•niksystems•6m ago•0 comments

AI memory is a filing cabinet

https://platformpilot.ai/blog/your-ai-memory-is-a-filing-cabinet
2•laurauzcategui•7m ago•0 comments

TV licence fee is 'yesterday's model', new BBC director general says

https://www.bbc.co.uk/news/articles/c20yjjm7n87o
1•mmarian•7m ago•0 comments

Stereotypical LLMs

https://ordinaryintelligence.substack.com/p/stereotypical-llms
1•mldev_exe•8m ago•0 comments

Jam Programming Language

https://rapha.land/jam-programming-language/
1•birdculture•8m ago•0 comments

Show HN: a new paradigm for a smartphone camera interface

https://phase.buzz/interface/
1•AndrewSwift•9m ago•1 comments

Show HN: I built a $90 terminal to find where locals eat via spatial gravity

https://hungrybutnotstupid.com/
1•kingchesco•9m ago•0 comments

Show HN: paddock – Ranks and runs LLMs on your Mac from live GGUF headers

https://github.com/MaximeDeconinck/paddock
1•maximedeco•10m ago•0 comments

Show HN: Git-Backed Skill Sharing for Non Techies

https://skillburst.ai/blog/why-i-built-skillburst/
1•htahir111•10m ago•0 comments

Leveraged Stock ETFs Are as Stable as a Row of Dominoes

https://www.bloomberg.com/opinion/articles/2026-07-08/leveraged-stock-etfs-will-burn-retail-inves...
1•petethomas•11m ago•0 comments

Ask HN: Why are there only a handful of high quality TUI apps in homebrew?

1•amichail•12m ago•1 comments

Factory was severely short on workers. Then it offered flexible work

https://www.npr.org/2026/07/08/nx-s1-5876084/manufacturing-flexible-part-time-work
2•iancmceachern•12m ago•1 comments

Identity At the Center on customer identity and access management [video]

https://www.youtube.com/watch?v=aaHEajBFAbI
1•mooreds•13m ago•0 comments

US will give Patriot missile license to Ukraine

https://www.reuters.com/world/europe/trump-says-both-sides-ukraine-war-want-settlement-2026-07-08/
1•geox•14m ago•0 comments

Pneumatic Line Launching Systems (2016)

http://www.antennalaunchers.com/antlaunching.html
1•xk3•15m ago•0 comments

Open source platform for X.509 service authentication and fine grained access

https://www.athenz.io/
1•mooreds•15m ago•0 comments

Show HN: Nicasa – A native macOS image viewer with AI tools, OCR, and annotation

https://nicasa.w3cub.com
1•terryXyz•16m ago•0 comments

The answer may not be false, just not yours: keeping authorship after AI edits

https://singularityforge.space/2026/07/08/the-answer-may-not-be-false-just-not-yours/
2•Voice_of_Void•16m ago•0 comments