frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Show HN: Glad-AI-Tor, the "best" AI tools judged by the crowd

https://glad-ia-tor.com
2•GiornoJojo•1m ago•0 comments

Semantic transactions: securing untrusted AI agent workflows at the OS boundary

https://latentdynamics.substack.com/p/semantic-transactions-securing-untrusted
1•Ayauho•7m ago•0 comments

Thinking: Alternate Distribution for Filmmakers

1•phaedrus044•7m ago•0 comments

Show HN: Where NYC films – 6k shooting permits analyzed

https://civicdataforge.pages.dev/where-nyc-films
1•Chungus1172•9m ago•0 comments

CharXiv: Charting Gaps in Realistic Chart Understanding in Multimodal LLMs(2024)

https://arxiv.org/abs/2406.18521
1•hamburgererror•10m ago•0 comments

Where are YC founders now? OpenAI and Anthropic, mostly

https://joinedanthropic.com
3•ohong•10m ago•0 comments

Liberal Crime Squad: New Age

https://github.com/ashley-s-fox/lcs-new-age
2•bean469•21m ago•0 comments

Ask HN: Best way to buy second hand compute (in a future AI crash)

3•lifeisstillgood•21m ago•1 comments

How to Make a Font

https://www.makingsoftware.com/chapters/how-to-make-a-font
2•Brajeshwar•21m ago•0 comments

Unifeyn, an AI study workspace grounded in your own documents

https://www.unifeyn.app
1•securemepro•25m ago•0 comments

OpenAI Releases Codex Micro

https://openai.com/de-DE/supply/co-lab/work-louder/
1•zeeez•27m ago•0 comments

"Useful" is not sufficient

https://tante.cc/2026/07/15/useful-is-not-sufficient/
2•ttiurani•28m ago•0 comments

Show HN: Trellis2.c – Local 3D generation with Vulkan and CUDA

https://github.com/Wimacs/trellis2.c
1•wimaxs•33m ago•0 comments

Rethinking Databases for Humans and AI Agents

https://marcobambini.substack.com/p/rethinking-databases-for-humans-and
1•marcobambini•39m ago•0 comments

Writing GPU shaders in plain Rust [video]

https://www.youtube.com/watch?v=MK_dHFsBQsc
1•ibobev•47m ago•0 comments

Computing Camera Rays

https://momentsingraphics.de/CameraRays.html
2•ibobev•47m ago•0 comments

New AMD Radeon Developer Tool Suite update brings shader source code

https://gpuopen.com/learn/radeon-developer-tool-suite-shader-source-code/
1•ibobev•47m ago•0 comments

The early Research Unix exec(2) argv size limit

https://utcc.utoronto.ca/~cks/space/blog/unix/EarlyUnixExecArgvSizeLimit
2•ingve•50m ago•0 comments

AI Reviewing AI

https://twitter.com/GergelyOrosz/status/2077479764604883339
2•TheAnkurTyagi•53m ago•0 comments

Show HN: KindScan – product safety checker for your whole family

https://kindscan.com/
1•trulayer•55m ago•0 comments

Building a Financial Exchange from first principles

https://harshiyer.in/blog/farzi-exchange
3•proximuz•57m ago•2 comments

Browser Fingerprint Test–20 Signals your Browser Reveals Each Website You Visit

https://mysysinfo.com
1•hackstar•57m ago•0 comments

Republic of letters (2024) a first social network?

https://bigthink.com/strange-maps/republic-of-letters/
1•czw2•1h ago•1 comments

The Refusal Residue: When Probes Catch Alignment Faking and When They Don't

https://arxiv.org/abs/2607.13346
2•sbulaev•1h ago•0 comments

Show HN: I made ts-node alternative, ttsc/ttsx, a TypeScript-go toolchain

https://github.com/samchon/ttsc
3•autobe•1h ago•0 comments

Can we trust open weight models?

https://twitter.com/insiderphd/status/2077037121869664410
1•mef•1h ago•1 comments

GPT-Red: an LLM super-hacker OpenAI built to make its models safer

https://www.technologyreview.com/2026/07/15/1140514/meet-gpt-red-an-llm-super-hacker-openai-built...
1•joozio•1h ago•0 comments

A bunch of stuff I used to not know about K&R C

https://sebsite.pw/w/20260712-kandr.html
2•birdculture•1h ago•0 comments

The Looting of Science Fiction

https://aeon.co/essays/silicon-valley-has-a-science-fiction-problem
5•gajju3588•1h ago•0 comments

Uber moves to acquire Delivery Hero for €12.5B

https://www.reuters.com/business/finance/uber-nears-125bn-deal-acquire-delivery-hero-ft-reports-2...
2•ProjectBarks•1h ago•0 comments
Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.