frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

The General Court dismisses Apple's actions over its designation as a gatekeeper [pdf]

https://curia.europa.eu/site/upload/docs/application/pdf/2026-07/cp260096en.pdf
1•ColinWright•1m ago•0 comments

Crypto Pin Bars Form and How to Detect Them: Lessons from a $19B Liquidation

https://medium.com/@DolphinDB_Inc/how-crypto-pin-bars-form-and-how-to-detect-them-lessons-from-a-...
1•yiweileng•3m ago•0 comments

Grok 4.5 arriving tomorrow

https://twitter.com/elonmusk/status/2074740539874775163
1•hit8run•4m ago•0 comments

Fibonacci's Real Mathematical Legacy

https://blogs.nature.com/aviewfromthebridge/2017/04/20/fibonaccis-mathematical-legacy/
1•ColinWright•8m ago•1 comments

Fiszki flashcards without an app: your AI quizzes you, FSRS keeps score

https://fiszki.zuzanow.pl/login
1•fiszki•8m ago•0 comments

Time to kill at Temple Meads. What's up with platform 2? Where is platform 14?

https://old.reddit.com/r/uktrains/comments/1uo9lwn/had_some_time_to_kill_at_temple_meads_whats_up/
1•ColinWright•9m ago•0 comments

Apple held accountable under the DMA

https://fsfe.org/news/2026/news-20260708-01.en.html
1•softwarefreedom•10m ago•1 comments

Machine

https://xkcd.com/2916/
1•close04•10m ago•0 comments

Show HN: Diagraw – hand-drawn diagrams, real-time collab, AI assistant

https://diagraw.com/es/
1•victoragudo•13m ago•0 comments

Viability of Local Models for Coding

https://martinfowler.com/articles/exploring-gen-ai/local-models-for-coding-factors.html
1•danebalia•14m ago•0 comments

Show HN: Comcent CE – An open-source self-hosted Voice Infrastructure platform

https://github.com/comcent-io/comcent-ce
1•pavanputhra•16m ago•0 comments

GitHub cuts short offer to burn repos on CD after mockery ensues

https://www.theregister.com/devops/2026/07/06/github-cuts-short-offer-to-burn-repos-on-cd-after-m...
1•beardyw•19m ago•0 comments

Gemma 4 Technical Report

https://arxiv.org/abs/2607.02770
1•ferretj•19m ago•0 comments

Software Engineers Used to Score Goals, Now We Keep Them Out

https://eran.pinh.as/posts/software-engineers-used-to-score-goals-now-we-keep-them-out
2•eranp•20m ago•1 comments

Open ISMS platform for GDPR and NIS-2

https://github.com/NISD2/open-isms
1•cjhisey•20m ago•0 comments

ClickHouse is winning the Observability Wars

https://matduggan.com/clickhouse-is-winning-the-observability-wars/
1•clemo_ra•21m ago•0 comments

How to Scale Robotics and Physical AI? TechDrive Zurich with Robert MacKenzie

https://www.youtube.com/watch?v=6Dw6llpUxqs
1•jmiseikis•22m ago•0 comments

Show HN: Tarit – Self-host sandbox cloud and hypervisor for AI agents

https://github.com/instavm/tarit
5•mkagenius•27m ago•1 comments

Astryx – open-source, agent ready design system from Meta

https://astryx.atmeta.com/
1•agilek•28m ago•0 comments

Maestral, an open-source Dropbox client, is no longer maintained

https://github.com/samschott/maestral
1•uu_titan•29m ago•0 comments

Show HN: Open-source market-making software that runs on your own server

https://github.com/Adamant-im/adamant-tradebot
3•izar-konti•31m ago•0 comments

Car tracking features for 'convenience not security' warns Kia

https://www.bbc.co.uk/news/articles/cp8r1798kp7o
2•edward•32m ago•0 comments

DSpark - DeepSeek's speculative drafts for LLMs

https://www.youtube.com/watch?v=1yBU41auQhw
3•zhirzh•33m ago•1 comments

Show HN: 0day Rubbish – AI-Discovered CVSS 9.8 RCE Chain in Cisco CUCM

https://0day-rubbish.com/blog/cisco-cucm-rce-chain
2•wisdomtreelzz•34m ago•0 comments

Electric aircraft makes historic flight from Sweden to Finland

https://yle.fi/a/74-20235372
3•marklit•35m ago•0 comments

Testing Smart TV Tracking

https://www.rtings.com/tv/learn/research/smart-tv-tracking
2•ledoge•35m ago•0 comments

GitHub project mantainer has a lot of issues

2•Asil_real•35m ago•2 comments

Taiwan solved tax evasion in 1951 with a trick

https://twitter.com/i/status/2073991580986609904
3•Michelangelo11•37m ago•1 comments

Mews Cuts 15% of Staff, Points to AI in Broad Restructuring

https://twitter.com/LayoffAI/status/2074571918255194361
2•agilek•37m ago•0 comments

Jamboree – Multiplayer Synthesizer

https://jamboree.space
2•sandgiant•38m ago•0 comments