frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Show HN: Char-width – final answer to measure terminal text width

https://www.npmjs.com/package/char-width
1•dawson0•46s ago•0 comments

Can I get some brutally honest feedback on a Chrome extension I built at 16?

https://chromewebstore.google.com/detail/readback-–-universal-cont/pomfhagjojbnfmgmldkpakfggpdp...
1•ceoakshat•1m ago•0 comments

NostalgicPod – iPod-like music player for Android

https://nostalgicpod.com/en/
1•LorenDB•2m ago•0 comments

Adoption and Impact of Command-Line AI Coding Agents at Microsoft [pdf]

https://arxiv.org/abs/2607.01418
1•azhenley•2m ago•0 comments

Show HN: A Wordle game that insults you as you play

https://smugexe.trydoff.dev
1•shreyasjk•3m ago•0 comments

The Red Queen Gödel Machine: Co-Evolving Agents and Their Evaluators

https://arxiv.org/abs/2606.26294
2•niclane7•4m ago•0 comments

Show HN: A website that shows every pro triathlete's swim, bike, and run gear

https://racekit.pro
1•mpc75•5m ago•1 comments

Orasort: 5x faster column-sorting with an expired patent from Oracle

https://deepsystemstuff.com/how-oracles-secret-column-sorting-technique-became-public-after-its-p...
1•theanonymousone•6m ago•0 comments

A Tale of Two Irans

https://a16z.com/this-is-a-tale-of-two-irans/
1•kehiy•8m ago•0 comments

Behind the Refusal: Determining Guardrail Activation via Behavioral Monitoring

https://arxiv.org/abs/2607.02121
1•Jimmc414•8m ago•0 comments

When Albert Einstein & Charlie Chaplin Met and Became Fast Famous Friends (1930)

https://www.openculture.com/2026/07/when-albert-einstein-charlie-chaplin-met.html
1•Brajeshwar•8m ago•0 comments

Can you run every line of code in Super Mario Bros.? [video]

https://www.youtube.com/watch?v=o0gOALTvkcc
1•dbl000•10m ago•0 comments

Show HN

https://vorcigernix.github.io/rohrpost/
1•vorcigernix•11m ago•2 comments

Local translation: when small dedicated models beat Goliath

https://qvac.tether.io/blog/local-translation-when-small-dedicated-models-beat-goliath/
1•delduca•12m ago•0 comments

LeetCode but not as a product but a learning tool

https://cses.fi/problemset/text/2433
1•callsign_bats•13m ago•0 comments

I built an out-of-the-box self-hosting infrastructure. How can I improve it?

https://github.com/canntstand/ServeHub-2
1•canntstand•14m ago•1 comments

It's true – AI will replace _most_ software engineers

https://getsmall.xyz/post/cmp5lur8h0003vyr7dxes60rh
1•trezm•14m ago•0 comments

Autoresearch: The feedback loop behind self-improving agents

https://www.latent.space/p/autoresearch-introspection
1•gmays•15m ago•0 comments

Young People Watch TikTok, Not Television

https://www.wsj.com/opinion/young-people-watch-tiktok-not-television-6142cdf7
1•bookofjoe•17m ago•1 comments

Millions may be getting the wrong cholesterol test

https://www.sciencedaily.com/releases/2026/06/260626125714.htm
1•brandonb•18m ago•0 comments

Show HN: Voltius – open-source SSH/SFTP client, built in Rust

https://voltius.app
2•kipavy•18m ago•0 comments

Pulpie: Models for Cleaning the Web

https://usefeyn.com/blog/pulpie-pareto-optimal-models-for-cleaning-the-web/
1•snyy•19m ago•1 comments

Apple Startup Sounds

https://froods.ca/~dschaub/sound.html
1•gregsadetsky•19m ago•0 comments

AI-friendly architecture: write better software, not just more of it

https://purple-hammer.com/blog/ai-friendly-architecture.html
1•AriIs•20m ago•0 comments

Union Busters Coming After Me

https://www.nlrbedge.com/p/union-busters-coming-after-me
3•anothermathbozo•20m ago•0 comments

UK regulator warns of "arms race" to keep up with AI use in financial services

https://arstechnica.com/ai/2026/07/uk-regulator-warns-of-arms-race-to-keep-up-with-ai-use-in-fina...
2•secret_hawk_25•21m ago•0 comments

They got something on the screen

https://graybeard.ing/they-got-something-on-the-screen/
1•rglover•21m ago•0 comments

How to design a cancer vaccine (and vastly improve them)

https://www.owlposting.com/p/how-to-design-a-cancer-vaccine-and
2•crescit_eundo•21m ago•0 comments

GAN Lateral Superjunction Schottky Diode

https://www.powerelectronicsnews.com/gan-lateral-superjunction-schottky-diode/
1•stmw•23m ago•1 comments

Ask HN: I use coding agents daily, but how do real engineers use them?

1•getlawgdon•25m ago•0 comments