frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Choice Notes on History from Notes and Queries (1858)

https://publicdomainreview.org/collection/choice-notes-from-notes-and-queries/
1•pepys•28s ago•0 comments

Show HN: I built a site to see what politicians are beating S&P 500

https://politicianstocktracker.com/
1•wbemaker•4m ago•0 comments

Debian Bookworm v12.15 Released

https://www.debian.org/News/2026/2026071102
1•saikatsg•6m ago•0 comments

Show HN: ClaudeThings – your AI engineering and marketing team in one command

https://www.claudethings.com/
1•mohitvaswani•8m ago•0 comments

Show HN: Free color tools that run entirely in the browser (no sign-up)

https://colorpicker.cx
1•djerek•9m ago•0 comments

MicroVM sandbox on Win, Mac, Linux, with policy engine

https://docs.docker.com/ai/sandboxes
1•pploug•11m ago•0 comments

OpenAI Added 1M Users in a Day. Fable Is Still in Limbo

https://www.vincentschmalbach.com/codex-million-users-fable-limbo/
2•vincent_s•12m ago•0 comments

Slay the Spire 2 Is Choosing "Shit" Art over Generative AI

https://www.gamespot.com/articles/slay-the-spire-2-is-choosing-shit-art-over-generative-ai/
2•jalev•18m ago•0 comments

Autoresearch doubled GLM-5.2 throughput. Production traffic broke it

https://fparisio.substack.com/p/an-ai-agent-cold-tuned-our-glm-52
2•Leonerd•18m ago•0 comments

Trump admin and industry groups discuss streamlining releases of US open models

https://www.washingtonpost.com/wp-intelligence/ai-tech-brief/2026/07/13/ai-tech-brief-exclusive-a...
1•thoughtpeddler•18m ago•1 comments

Hermes Agent maker Nous Research in talks for new funding at $1.5B valuation

https://techcrunch.com/2026/07/13/hermes-agent-maker-nous-research-in-talks-for-new-funding-at-1-...
1•thoughtpeddler•20m ago•0 comments

Starship's Thirteenth Flight Test

https://www.spacex.com/launches/starship-flight-13
1•pantalaimon•24m ago•0 comments

Jurassic Park computers in excruciating detail

https://fabiensanglard.net/jurrasic_park_computers/index.html
1•rcarmo•24m ago•0 comments

I auto-configure my reverse proxy and uptime monitoring using DNS-DS

https://rogena.me/posts/2026-07-12-running-my-home-lab-using-dns-sd/
1•jasonrogena•30m ago•0 comments

Show HN: ZenStack – access control at the ORM layer, built for coding agents

https://zenstack.framer.website/
1•carlual•32m ago•0 comments

The Anatomy of an Instruction Pipeline Hazard

https://hiraditya.github.io/posts/hardware-hazards-b200/
2•somnial•34m ago•0 comments

Ask HN: Why has Wikipedia become evil?

4•roschdal•35m ago•3 comments

What Anthropic's latest AI discovery does–and doesn't–show

https://www.technologyreview.com/2026/07/13/1140343/what-anthropics-latest-ai-discovery-does-and-...
1•joozio•39m ago•0 comments

Show HN: A FPV Lego car, controlled in Rust

https://dystroy.org/blog/picamobile/
1•dystroy•42m ago•1 comments

Patent for Electric Motor Platform Without Rare-Earth Minerals

https://auto.economictimes.indiatimes.com/news/auto-technology/
1•0xkistu•43m ago•1 comments

Helicone allows users to write SQL directly to a shared ClickHouse

https://www.justintorre.com/blogs/clickhouse-rls-query-parameters
1•justintorre75•49m ago•0 comments

Show HN: Benchmark your eng team's AI agent maturity in 5 minutes

https://agent-benchmarks.com/software-factory/
2•adamgold7•52m ago•0 comments

The Lies They're Telling Towns and Tribes About the Benefits of AI Data Centers

https://karlbode.com/the-lies-theyre-telling-towns-and-tribes-about-the-benefits-of-ai-data-centers/
1•HotGarbage•52m ago•0 comments

Show HN: I built a small transcription tool for non-English videos

https://transcrevervideo.com
1•Yummiy•52m ago•1 comments

Indian scientists produce most detailed 3D atlas of the human brainstem

https://www.bbc.com/news/articles/cg53l737v1qo
2•BaudouinVH•57m ago•0 comments

Why frontier labs are scaling-pilled

https://invertedpassion.substack.com/p/why-frontier-labs-are-scaling-pilled
1•paraschopra•57m ago•0 comments

There's an Ancient Solution to Our Modern Crisis of Attention

https://www.nytimes.com/2026/07/12/opinion/attention-crisis-seneca.html
1•thelastgallon•59m ago•0 comments

Netflix accidentally shipped a Claude.md file

https://www.reddit.com/r/AgentsOfAI/s/GYaEDTim0U
2•Ozzie_osman•1h ago•1 comments

Anthropic banned my thirteen 20x accounts, what now?

1•flipdin•1h ago•5 comments

Weakening copyright to benefit AI would betray Australian Labor party's ethos

https://www.theguardian.com/australia-news/2026/jul/14/ed-husic-tells-labor-to-get-tougher-on-ai-...
2•ggm•1h ago•0 comments