frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

AI Can't Be Listed as Inventor on Patent Applications, Japan's Top Court Rules

https://japannews.yomiuri.co.jp/science-nature/technology/20260306-314930/
1•mushstory•33s ago•0 comments

Show HN: ZeroFS – A log-structured filesystem for S3

https://www.zerofs.net/
1•Eikon•3m ago•0 comments

US job growth misses expectations in June; unemployment rate falls to 4.2%

https://www.reuters.com/world/us/us-job-growth-misses-expectations-june-unemployment-rate-falls-4...
1•onemoresoop•3m ago•0 comments

Sergey Brin joins protest against immigration order at SFO airport (2017)

https://www.theverge.com/2017/1/28/14428262/google-sergey-brin
1•sillyfluke•3m ago•0 comments

All Package Management Functionality Moved from Compiler to Build System

https://ziglang.org/devlog/2026/?2026-06-30#2026-06-30
1•olzhasar•3m ago•0 comments

The English Language Has a Smelly Problem [video]

https://www.youtube.com/watch?v=w3KswMaEBiI
1•gmays•3m ago•0 comments

Reverse-Z is the Perfect Hack

https://www.shlom.dev/articles/reverse-z-perfect-hack/
1•1bytebeta•3m ago•0 comments

Show HN: Image steganography tool – Hide any file inside a PNG image

https://stegoimage.pages.dev/
1•coder_xyz•5m ago•0 comments

Show HN: Matrix, an open-source cloud computer for coding agents

https://matrix-os.com
1•hamedmp•5m ago•0 comments

Validate your startup idea in 14 days

https://validly-rho.vercel.app/
1•Harro123•5m ago•1 comments

How can engineering leaders avoid becoming Bond villains?

https://stackoverflow.blog/2026/06/26/paging-charity-how-can-engineering-leaders-avoid-becoming-b...
1•throwaway2037•6m ago•0 comments

What to know about Trump's financial disclosure

https://thehill.com/homenews/administration/5949500-trump-financial-disclosure-crypto/
1•jordie2shoes•7m ago•0 comments

Zoom to Acquire CommonRoom

https://www.zoom.com/en/blog/zoom-to-acquire-common-room/?cms_guid=false
1•datadrivenangel•7m ago•0 comments

A new, inexpensive Chinese AI model is catching up with Anthropic, OpenAI

https://www.reuters.com/world/china/a-new-inexpensive-chinese-ai-model-is-catching-up-with-anthro...
2•tartoran•7m ago•0 comments

Top EU court upholds Google Android fine in landmark antitrust case

https://www.politico.eu/article/top-eu-court-upholds-google-android-fine-in-landmark-antitrust-case/
4•jruohonen•8m ago•0 comments

Autonomous AI Software Development: Good Idea, or Bad Idea?

https://adrianavillela.com/post/the-great-autonomous-ai-experiment/
1•mooreds•8m ago•0 comments

OpenAI wants to give us 5% of its success. It's a bad bargain

https://werd.io/openai-wants-to-give-us-5-of-its-success-its-a-bad-bargain/
1•benwerd•8m ago•0 comments

I didn't build a Full Body Ultrasound but I know the people that did

https://www.youtube.com/watch?v=4nzzpUKhj1M
1•fjalarhl•9m ago•0 comments

Microsoft Frontier Company

https://www.microsoft.com/en-us/frontier-company
1•ilreb•10m ago•0 comments

Show HN: Send and receive custom-domain email from your existing Gmail

https://sendmailas.com
1•mohitgaddam•10m ago•0 comments

Tiny-C Reference Manual Excerpt

https://permacomputer.solarpunk.au/?p=204
1•surprisetalk•13m ago•0 comments

Rust sort_unstable_by with more complex closure unexpectedly shrunk binary

3•tracyspacy•14m ago•0 comments

An AI board that pre-registers its bets – bet #1 just graded wrong

https://github.com/danilushin/asktheboard
5•dilushin•14m ago•0 comments

Show HN: A graph paper generator that renders vector PDFs in the browser

https://freegraphpaper.net/
2•lam_hg94•15m ago•0 comments

FeatLens – One API to visualize features from any vision backbone

https://github.com/turhancan97/FeatLens
2•tkargin•15m ago•1 comments

The AI-powered World Cup runs on thousands of data workers

https://restofworld.org/2026/fifa-world-cup-ai-data-workers/
2•thm•16m ago•0 comments

World Cup dreams shattered as StubHub tickets cancelled at last minute

https://www.bbc.com/news/articles/crkvlekgy07o
3•tartoran•17m ago•0 comments

The Egg Bandits Made a Thousand Times the Fine They Just Paid for Price Fixing

https://www.thebignewsletter.com/p/crime-pays-the-egg-bandits-made-a
4•toomuchtodo•18m ago•1 comments

Everything is in order

https://benwhite.com.au/snippets/everything-is-in-order/
2•d3v1an7•19m ago•0 comments

Glaze, a new tool for creating custom desktop apps

https://www.glaze.app
3•horsti•19m ago•1 comments
Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.