frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

CorvinOS – an agentic OS where GDPR/EU AI Act compliance can't be switched off

https://github.com/CorvinLabs/CorvinOS
1•shumway•1m ago•0 comments

Claude Code Antigravity CLI Agents Skill

https://github.com/markfulton/claude-antigravity-agents
1•DotSauce•1m ago•0 comments

Show HN: Mondael.com – Institutional Intelligence for Prediction Markets

https://mondael.com
1•16th_hop•2m ago•0 comments

Show HN: Sonn a reasoning layer that nudges coding agent before it makes mistake

https://sonn.dev
1•AlexSonn•3m ago•0 comments

Show HN: Phobos – A tiny scale-free kernel language with tile-DAG support

https://www.joa-ebert.com/posts/2026-07-07-phobos-lang/
1•joajoa•4m ago•0 comments

Eliminating Go bound checks with unsafe

https://blog.andr2i.com/posts/2026-07-06-eliminating-go-bound-checks-with-unsafe
1•g0xA52A2A•4m ago•0 comments

Most AI Work Can Wait

https://tomtunguz.com/ai-execution-routing/
1•speckx•4m ago•0 comments

Show HN: Excogni – open-source cognitive training that can't leak your email

https://xcgni.com/
1•brna-2•5m ago•0 comments

Amazon aims to raise $25B from bond sale, Bloomberg News reports

https://www.reuters.com/legal/transactional/amazon-aims-raise-25-billion-bond-sale-bloomberg-news...
2•enlightpixel•5m ago•0 comments

ScreenStack Is Looking for Design Partners

1•ud0•5m ago•0 comments

Mark Zuckerberg's biggest legal nightmare yet could cost Meta $1.4T

https://www.the-independent.com/tech/mark-zuckerberg-meta-fine-trillion-b3010281.html
3•wrxd•6m ago•0 comments

OpenCRA

https://github.com/borisRadonic/OpenCRA
2•BorisRadonic•8m ago•1 comments

The Gap Map v0.1

https://www.currentai.org/blogs/introducing-the-gap-map-v0-1
1•surprisetalk•9m ago•0 comments

Show HN: Sprytools – 26 small developer APIs behind one key

https://sprytools.com/api/
1•grenzfrei•9m ago•0 comments

Netherlands recruited 29 top scientist leaving U.S. under Trump

https://nltimes.nl/2026/07/07/netherlands-recruited-29-top-scientist-leaving-us-trump
2•jacquesm•9m ago•1 comments

Hacking the bureaucracy to get stuff done (2020)

https://www.zainrizvi.io/blog/hacking-the-bureaucracy-to-get-stuff-done/
1•cdirkx•10m ago•0 comments

A visual calculator to estimate and compare LLM API pricing

https://neutraloverdrive.com/tools/token-calculator/
1•brancpa•10m ago•0 comments

Software is eating the world, AUTONOMOUSLY

https://2030.marketing/software-is-eating-the-world-autonomously/
1•TechOnionKing•10m ago•0 comments

Space Force's high-powered electro beam nullifies hostile satellites

https://newatlas.com/military/space-force-meadowlands-satellite-blinding-beam-weapon/
2•geox•11m ago•0 comments

Show HN: SigMap – deterministic repo maps for AI coding agents

https://sigmap.io
2•cees007•12m ago•0 comments

Ask HN: What are alternative to Upwork for side gig?

2•user7878•12m ago•1 comments

Show HN: Sdlc factory built on pi.dev:intent->DDD->architecture->tested code

https://github.com/arman-jalili/guardian-framework
1•arman-w-jalili•12m ago•0 comments

Court allows far-right leader Marine Le Pen to run for president

https://www.nbcnews.com/world/europe/france-far-right-marine-le-pen-presidential-election-macron-...
2•Alien1Being•13m ago•0 comments

A design system for Rust/egui where token violations fail the build

https://ouroboros-ui.typezerolabs.com
1•mauriciojuba•14m ago•0 comments

The Perfect Cripple: A User Guide to Being Palatable

https://www.salient.org.nz/post/the-perfect-cripple-a-user-guide-to-being-palatable
2•speckx•15m ago•0 comments

Discovery helps explain why solid-state batteries often fail

https://news.mit.edu/2026/discovery-helps-explain-why-solid-state-batteries-often-fail-0706
1•gmays•15m ago•0 comments

Amazon Returns to US Bond Market to Fund AI Infrastructure Build

https://www.bloomberg.com/news/articles/2026-07-07/amazon-returns-to-us-bond-market-to-fund-ai-in...
2•thm•16m ago•0 comments

The Popup That Says the Quiet Part Out Loud

https://blog.ppb1701.com/the-popup-that-says-the-quiet-part-out-loud
1•ExMachina73•17m ago•0 comments

I was wrong about Duff's device

https://unsung.aresluna.org/i-was-wrong-about-duffs-device/
1•colejohnson66•17m ago•0 comments

Agents don't need smarter models, they need a map

https://horiacristescu.github.io/karto-plugin/
1•visarga•18m ago•0 comments