frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Show HN: Filtering engine and DB for unpropagated kernel security patches

https://patchless.natey.sh
1•imbobbytables•37s ago•0 comments

Dark patterns in Windows are steering users to Edge: Mozilla-commissioned report

https://www.theregister.com/os-platforms/2026/07/15/dark-patterns-in-windows-are-steering-users-t...
1•Bender•1m ago•0 comments

Microsoft cancels Patch Tuesday for some Dell users shutdowns overheating

https://www.theregister.com/os-platforms/2026/07/15/microsoft-cancels-patch-tuesday-for-some-dell...
1•Bender•1m ago•0 comments

"Autism Is a Spectrum" Doesn't Mean What You Think (2019)

https://neuroclastic.com/its-a-spectrum-doesnt-mean-what-you-think/
1•downbad_•2m ago•0 comments

Epic Sues Health Information Exchange Network Alleging Improper Record Access

https://www.hipaajournal.com/epic-sues-health-information-exchange-network-improper-record-access
1•Jimmc414•4m ago•0 comments

Chris Paik: The Watt Era

https://docs.google.com/document/d/16r_IUSh0M2P5xrpQhfimOFCMXTtXTcVrVM49jGplkHA/edit?tab=t.0
1•jger15•4m ago•0 comments

That is why the tokensaving plugin and skill is completely useless

https://turaai.net/blog#token-saving-plugins-are-mostly-stupid-idea
1•yohji1984•5m ago•0 comments

Our production stack runs on 17.7W. Here's what we measured

https://stats.lake8.dev/geo.html
1•tommy2970•6m ago•0 comments

The Physics of Interstellar Travel

https://www.centauri-dreams.org/2026/06/11/the-physics-of-interstellar-travel/
2•rwmj•7m ago•0 comments

Benchmarks Are Dead (For Us)

https://poetiq.ai/posts/benchmarks_are_dead/
1•oliversisson•8m ago•1 comments

The Loss Function Is the Product

https://ryanmerlin.com/posts/the-loss-function-is-the-product
1•ryanmerlin•9m ago•0 comments

Wildfires in Ontario make Toronto air quality worst in world

https://www.theguardian.com/world/2026/jul/15/wildfires-in-ontario-make-toronto-canada-air-qualit...
2•saikatsg•11m ago•1 comments

Haunted Houses Are in Demand in Japan

https://economist.com/asia/2026/07/14/haunted-houses-are-in-demand-in-japan
1•_tk_•12m ago•0 comments

The State of Open-Source LLM Inference

https://shwethakrishnamurthy.substack.com/p/the-state-of-open-source-inference
1•ShwethaK•12m ago•0 comments

AI Folds DNA into Mini Masterpieces

https://spectrum.ieee.org/ai-dna-origami
2•pseudolus•12m ago•0 comments

Germany launched one of the best open-source AI models

https://xcancel.com/NXT4EU/status/2077343621011935648
1•shinryuu•13m ago•1 comments

Linus Torvalds tells AI haters to fork off

https://www.theregister.com/ai-and-ml/2026/07/15/linus-torvalds-tells-ai-haters-to-fork-off/5271894
6•amrrs•14m ago•1 comments

My thoughts on the future of Go in the AI era

https://packagemain.tech/p/my-thoughts-on-the-future-of-go-in-ai-era
1•der_gopher•15m ago•0 comments

Rise and Fall of Silicon Graphics,the Giant That Built Hollywood's Biggest Films [video]

https://www.youtube.com/watch?v=zE86S5n7gk8
1•oldnetguy•16m ago•0 comments

Programming Thinking [video]

https://www.youtube.com/watch?v=KtBefDeECVU
1•erichocean•17m ago•0 comments

State of CLI Coding Agents, Mid-2026

https://blog.arcbjorn.com/state-of-cli-coding-agents-2026
1•gmays•19m ago•0 comments

Reflect Open – a new chapter for Reflect

https://reflect.app/blog/reflect-open
1•allenleee•19m ago•0 comments

Iran Messaged Vance Warning That US Envoys Were "Abusing" Their Inside Access

https://www.dropsitenews.com/p/iran-jd-vance-kushner-witkoff-exploiting-negotiations
2•enraged_camel•24m ago•0 comments

ChatGPT's Wokeness Could Cost OpenAI Millions [video]

https://www.youtube.com/watch?v=RUgF7MoUetk
1•moebrowne•24m ago•0 comments

Lab 6

https://lab6.com
1•figbert•24m ago•0 comments

The Alignment Sciences Academy

https://alignment-sciences-academy.citizen-of-earth.chatgpt.site/
1•CitizenOfEarth•27m ago•0 comments

PolicyBot–open source GitHub Action enforce commit convention and PR quality

https://github.com/mogwi1983/policybot
1•jamesrodriguez6•30m ago•0 comments

Redis slashed 25% of its Tel Aviv workforce (and 200 worldwide)

https://www.timesofisrael.com/israeli-founded-data-tech-unicorn-set-to-slash-25-of-its-tel-aviv-w...
3•ohjeez•31m ago•0 comments

Tell HN: Fable Credits Are 150x More Expensive

5•yesitcan•33m ago•2 comments

Falsehoods Programmers Believe About Names (2010)

https://www.kalzumeus.com/2010/06/17/falsehoods-programmers-believe-about-names/
1•FigurativeVoid•33m ago•0 comments