frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Open letter to Anthropic: keep Claude Fable 5 in existing paid plans

https://keepfable.org
1•SpitSalute•2m ago•0 comments

FlickerScope – are your LEDs giving you a headache? stop guessing

https://github.com/snokamedia/flickerscope
1•snoka•6m ago•0 comments

Wikipedia Is Up (2001)

https://web.archive.org/web/20010506042824/www.nupedia.com/pipermail/nupedia-l/2001-January/00068...
2•downbad_•7m ago•0 comments

A few thought about snarky answers on StackOverflow (2019)

https://www.cargocultcode.com/solving-the-zalgo-regex/
1•downbad_•8m ago•0 comments

Tradeoffs in Complexity, Abstraction, and Generality

https://www.lesswrong.com/s/EL2YvcrPNHrGgzPnZ/p/HNJwteaxpRYfLaQt7
1•parksb•9m ago•0 comments

Google's exponential path to climate-wrecking digital bloat

https://ketanjoshi.co/2026/07/01/googles-exponential-path-to-climate-wrecking-digital-bloat/
1•colinprince•11m ago•0 comments

Why AI Is Collapsing: How China Is Winning. [video]

https://www.youtube.com/watch?v=JXJf7vL8k94
1•Bender•12m ago•0 comments

Thanks but No Thanks

https://twitter.com/xopzuey/status/2072838561275969717
1•znort_•14m ago•1 comments

How Many People Have Ever Lived in the United States?

https://danielfetz.io/p/how-many-people-have-ever-lived-in-the-united-states
1•paulpauper•18m ago•0 comments

AI is 'not smart' so what's next in artificial intelligence?

https://www.bbc.com/news/articles/cj6gr0xkyr3o
2•1vuio0pswjnm7•20m ago•0 comments

Core dump epidemiology: fixing an 18-year-old bug

https://openai.com/index/core-dump-epidemiology-data-infrastructure-bug/
2•stopachka•21m ago•0 comments

I vibe coded a programming language, but I'd rather learn C the old way

1•alonsovm44•22m ago•0 comments

Some Basic LLM Etiquette

https://steenbok.space/blog/ai-etiquette/
1•sporkl_l•23m ago•0 comments

How AI Became More Expensive Than the Workers It Replaced [video]

https://www.youtube.com/watch?v=cfaZZPjA3g0
1•Bender•25m ago•0 comments

The Safari MCP server for web developers

https://webkit.org/blog/18136/introducing-the-safari-mcp-server-for-web-developers/
1•coloneltcb•25m ago•0 comments

Ask HN: Best Local LLM Setup for a 128GB M4 Max Mac Studio?

1•linzhangrun•26m ago•0 comments

Seeing and Being Seen

https://www.sambish.com/essays/seeing/
2•sambishop•26m ago•0 comments

Honorary Police

https://en.wikipedia.org/wiki/Honorary_Police
1•petethomas•28m ago•0 comments

What we learned when a user tried to load a 1 GB GML file in a browser

https://geodataviewer.com/blog/why-vector-tiles-for-large-gis-datasets/
2•twainyoung•35m ago•0 comments

The V Programming Language: A Revolutionary Approach to Modern Development

https://www.msn.com/en-us/news/technology/the-v-programming-language-a-revolutionary-approach-to-...
1•baranul•37m ago•0 comments

Open Source LLM Statistics and Trends (2026)

https://openllmstack.com/blog/open-source-llm-statistics/
1•sherlockxu•39m ago•0 comments

Microsoft's 90s Weapon That Made Windows Fast [video]

https://www.youtube.com/watch?v=jH0BYAkPj78
2•csense•41m ago•1 comments

Is tech ruining the World Cup?

https://www.bbc.com/audio/play/m002yq16
3•1vuio0pswjnm7•41m ago•1 comments

Epistemic Heat Death and the Signal-to-Noise Ratio of the Global Web

https://github.com/psyll/Epistemic-Heat-Death-and-the-Signal-to-Noise-Ratio-of-the-Global-Web
2•lioeters•42m ago•0 comments

Tesla's Electric Semi Has Its First Fatal Crash

https://www.forbes.com/sites/alanohnsman/2026/07/01/teslas-electric-semi-has-its-first-fatal-crash/
3•cdrnsf•43m ago•1 comments

Creating Joy in the User Experience

https://daveon.design/creating-joy-in-the-user-experience.html
3•thunderbong•44m ago•0 comments

TurboQuant can reduce vector index size by 10x at 100M Row Scale

https://github.com/pgvector/pgvector/pull/989
1•mxfeinberg•45m ago•0 comments

Google must pay record €4.1B (£3.5B) fine over antitrust issues

https://news.sky.com/story/google-must-pay-record-4-1bn-fine-over-antitrust-issues-13559819
3•geoffbp•50m ago•0 comments

North Korea patents soybean-based chocolate to bypass cocoa and sanctions

https://biz.chosun.com/en/en-society/2026/06/22/KBDUJI6IFJAIJODLXUAHV5IH3I/
5•mushstory•52m ago•0 comments

Giving admins more visibility and control over Claude spend

https://claude.com/blog/giving-admins-more-visibility-and-control-over-claude-usage-and-spend
3•geoffbp•56m ago•0 comments