frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Hideo Kojima on PlayStation killing discs, 'frightened' for future of ownership

https://www.videogameschronicle.com/news/hideo-kojima-really-sad-about-playstation-killing-discs-...
1•thunderbong•39s ago•0 comments

Bad to worse at NSF? (June 2026 edition)

http://nanoscale.blogspot.com/2026/06/bad-to-worse-at-nsf-june-2026-edition.html
1•osnium123•6m ago•0 comments

Apple sells me a MacBook to deliver $1700; cancels 5 days later quoting $2000?

1•aerodog•6m ago•0 comments

US Car Payments Hit a Record $777 a Month as Down Payments Drop

https://www.bloomberg.com/news/articles/2026-07-01/us-car-payments-hit-a-record-777-a-month-as-do...
2•mattas•8m ago•1 comments

Mondegreen

https://en.wikipedia.org/wiki/Mondegreen
2•JKCalhoun•9m ago•0 comments

YouTube urges creators to fight proposed UK algorithm changes

https://www.dexerto.com/entertainment/youtube-urges-creators-to-fight-proposed-uk-algorithm-chang...
1•thesmtsolver2•15m ago•0 comments

What should a personal website be?

https://ratfactor.com/cards/personal-website
1•vinhnx•18m ago•0 comments

A Novel Look at Error Handling in Rust

https://jtjlehi.github.io/2026/06/25/novel-rust-error-handling.html
2•vinhnx•24m ago•0 comments

Whyline – company memory engine (SQLite, BM25, MCP for Cursor)

https://github.com/Sunradiance/whyline
1•sunradiance•24m ago•0 comments

ABI vs. API (2004)

https://lists.debian.org/debian-user/2004/02/msg00648.html
1•vinhnx•25m ago•0 comments

The White House Campaign to Overturn a World Cup Red Card

https://www.wsj.com/sports/soccer/white-house-fifa-balogun-red-card-world-cup-46276fc8
7•JumpCrisscross•26m ago•0 comments

Designing GPU-Accelerated Query Engines with NVIDIA GQE

https://developer.nvidia.com/blog/designing-gpu-accelerated-query-engines-with-nvidia-gqe/
1•c_lutz•27m ago•0 comments

TaskLoco Is the Sticky Note To-Do App for Visual Thinkers

https://www.taskloco.com/
1•taskloco_nyc•27m ago•0 comments

Nobel Laureate in Chemistry Omar M. Yaghi joins Tsinghua University full-time

https://www.tsinghua.edu.cn/en/info/1244/14984.htm?trk=feed_main-feed-card_feed-article-content
2•osnium123•30m ago•1 comments

Americans of all ages are spending less time socializing

https://www.axios.com/2026/07/05/americans-socializing-decline
1•toomuchtodo•30m ago•0 comments

A Point Of View: How China sees a multicultural world (2012)

https://www.bbc.com/news/magazine-20083309
1•keepamovin•32m ago•1 comments

Android's Earthquake Alerts Saved My Life in Venezuela

https://www.howtogeek.com/androids-earthquake-alerts-saved-my-life-in-venezuela/
2•olgs•38m ago•1 comments

Technical Report on the Pangram AI-Generated Text Classifier (2024)

https://arxiv.org/abs/2402.14873
1•imustachyou•40m ago•0 comments

Can you run every line of code in Super Mario Bros.? [video]

https://www.youtube.com/watch?v=o0gOALTvkcc
2•medbar•40m ago•0 comments

Shrimple – A Simpler, Nicer Markdown

https://qount25.dev/Shrimple/
1•usrbinenv•43m ago•0 comments

McKinsey: Catalyzing competitiveness – Where investment happens and why

https://www.mckinsey.com/mgi/our-research/catalyzing-competitiveness-where-investment-happens-and...
1•TMWNN•48m ago•0 comments

Lord of the Roths

https://www.propublica.org/article/lord-of-the-roths-how-tech-mogul-peter-thiel-turned-a-retireme...
7•Anon84•52m ago•0 comments

Rules for Building SaaS in 2026

https://old.reddit.com/r/SaaS/comments/1unw3aj/the_18_rules_for_building_saas_in_2026/
2•nomilk•53m ago•0 comments

Show HN: Openleetcode – Run LeetCode solutions locally against open tests

https://github.com/therepanic/openleetcode/releases/tag/v1.0.1
1•therepanic•53m ago•0 comments

People Who Will Thrive in the AI Age

https://www.theatlantic.com/ideas/2026/06/ai-open-ai-anthropic/687689/
3•longhaul•53m ago•0 comments

What is Bending Spoons? The little-known AOL and Vimeo owner that's now public

https://techcrunch.com/2026/07/05/what-is-bending-spoons-everything-to-know-about-aols-acquirer/
1•jack1689•54m ago•2 comments

Understanding Postgres 19 Property Graphs

https://neovintage.org/posts/postgres-property-graphs/
3•craigkerstiens•59m ago•0 comments

GitHub Freno: cooperative, highly available throttler service

https://github.com/github/freno
1•nateb2022•1h ago•0 comments

Castro Podcasts – Things I got wrong: Support

https://www.uncommonapps.nyc/p/castro-podcasts-things-i-got-wrong-support
1•dabluck•1h ago•0 comments

Designing Market Data for Deterministic Replay

https://electronictradinghub.com/designing-market-data-for-deterministic-replay/
1•silahian•1h ago•0 comments