frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Cicy-code – a local-first multi-agent coding workspace via npx

https://github.com/cicy-ai/cicy-code
2•cicyai•7m ago•0 comments

FluencyLoop – A lighter, developer-centric SpecKit alternative

https://github.com/baokhang83/fluencyloop
3•baokhang83•14m ago•0 comments

A stale-proof shared memory for coding agents

https://github.com/Hivemind-OSS/Hivemind
1•dowingard•22m ago•1 comments

Show HN: Google Search Console MCP

https://github.com/AkashRajpurohit/gsc-mcp
1•ghostfoxgod•23m ago•0 comments

Ephemeral runtime harness for agentic workflows open source

https://github.com/dmosc/drun
1•osdavrm•28m ago•1 comments

A little experiment in evading AI detection

https://thegustafson.com/blog/evading-ai-detection
3•usernotfoundrn•29m ago•0 comments

Why OpenRouter can be the next great platform

https://taikhooms.substack.com/p/why-openrouter-can-be-the-next-great
1•theanonymousone•32m ago•0 comments

Origami Cat Puppet

https://www.ducksters.com/videos/arts-crafts/origami_cat_puppet.php
2•jruohonen•34m ago•0 comments

Digital Fauxice – an OSS clean room Nikon Digital Ice with 1:1 results

https://github.com/rohanpandula/digital-fauxice
2•peteforde•44m ago•0 comments

Martin Picard's Mitochondrial Theory of Mind

https://www.quantamagazine.org/martin-picards-mitochondrial-theory-of-mind-20260717/
3•nsoonhui•47m ago•0 comments

Recap: Software Should Work 2026

https://bencornia.com/blog/recap-software-should-work-2026
1•bencornia•52m ago•0 comments

Gpu.ai $1k Grand Prize Buildathon August 22nd 2026: Build on Free Cloud GPUs

https://gpu.ai/buildathon
1•johngpuai•57m ago•0 comments

Show HN: A model-routing benchmark – the routers optimize the wrong axis

https://github.com/dotnetspark/fbc-model-routing-benchmark
1•yadellopez•1h ago•0 comments

New normal? US had a major power outage EVERY month of 2026

https://electrek.co/2026/07/15/new-normal-the-us-has-suffered-a-major-power-outage-every-month-of...
1•sharjeelsayed•1h ago•0 comments

Pre-Modern Armies for Worldbuilders, Part IVa: Leadership

https://acoup.blog/2026/07/18/collections-pre-modern-armies-for-worldbuilders-part-iva-leadership/
1•gostsamo•1h ago•0 comments

CoRecursive Interview with Paul Lutus, the Author of Apple Writer

https://corecursive.com/remote-developer/
1•lioeters•1h ago•1 comments

In-browser agent that bulk enriches any webpage

https://www.rtrvr.ai/blog/agentic-dataset-enrichment-in-your-browser
1•arjunchint•1h ago•0 comments

Rolling Stones match Beatles with 15th UK number one album

https://www.reuters.com/business/media-telecom/rolling-stones-match-beatles-with-15th-uk-number-o...
1•1659447091•1h ago•0 comments

Three workers digging in a field outside the data center

https://sign2.nl/websign/three-workers-digging-in-a-field-outside-the-data-center-by-dinnis-van-d...
2•jruohonen•1h ago•0 comments

Flathub's AI slop ban looks like it was the right call

https://www.omgubuntu.co.uk/2026/07/flathub-ai-slop-ban-data
2•shaunpud•1h ago•0 comments

Show HN: Scenario Tests for Distributed Systems

https://www.srinidhin.com/blog/11.html
1•srinidhin•1h ago•0 comments

ADHD friendly journaling: Garden of Roses and Thorns

https://thinkersutra.substack.com/p/rosesandthornsadhd
1•shrini11•1h ago•0 comments

Critical thinking has become an AI‑era buzzword. But what does it mean?

https://theconversation.com/critical-thinking-has-become-an-ai-era-buzzword-but-what-does-it-actu...
1•jruohonen•1h ago•0 comments

The Adventures of a Donkey (1815)

https://gutenberg.org/cache/epub/79114/pg79114-images.html
1•petethomas•1h ago•0 comments

California roadside icon Pea Soup Andersen's, closed for years, to be demolished

https://www.sfgate.com/centralcoast/article/pea-soup-andersens-demolition-22342288.php
2•MilnerRoute•1h ago•1 comments

Tabstack by Mozilla

https://tabstack.ai
2•handfuloflight•1h ago•0 comments

What's New on World Emoji Day 2026

https://blog.emojipedia.org/whats-new-on-world-emoji-day-2026/
1•doublepg23•1h ago•0 comments

Mac gaming is finally getting the overpowered upgrade it deserves

https://www.macworld.com/article/3189951/apples-latest-game-porting-toolkit-beta-changed-how-i-th...
26•kristianp•1h ago•17 comments

Postlia – a social media scheduler that flags AI-sounding posts

https://postlia.com
1•EraySaygin•1h ago•1 comments

Same Crash. Twice the Funerals

https://www.talkingwreckless.com/p/same-crash-twice-the-funerals
1•haltingproblem•1h ago•0 comments