frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

BoundFlow – Make your agents safe and production-ready

https://github.com/boundflow/boundflow
1•alama24•13s ago•0 comments

Show HN: The Quiet Map – Earth's quietest place, measured by seismometers

https://thequietmap.org/
1•theceka•16s ago•0 comments

Where did my segfault go?

https://rmpr.xyz/Where-did-my-segfault-go/
1•RMPR•43s ago•0 comments

Blocking Distracting News Links

https://retout.co.uk/2026/07/10/blocking-distracting-news-links/
1•edward•4m ago•0 comments

Here's Why Some Humans Can Hear Super Low-Frequency Sounds

https://nautil.us/heres-why-some-humans-can-hear-super-low-frequency-sounds-1282626
2•Brajeshwar•5m ago•0 comments

GitByBit

https://gitbybit.com/
1•neochief•6m ago•0 comments

Madame Semver Will See You Now

https://nesbitt.io/2026/05/10/madame-semver-will-see-you-now.html
2•birdculture•7m ago•0 comments

LLMs are adapting their environments to themselves

https://ianbarber.blog/2026/07/11/who-is-walking-who/
1•phpencil•9m ago•0 comments

Show HN: Document Scanner for Freight Verification

https://www.cipherandrow.com/
1•jnowlan21•11m ago•0 comments

Being part of one of the biggest wealth creation events in history (AI)

https://www.washingtonpost.com/technology/2026/07/11/ais-soon-to-be-billionaires-want-know-what-d...
1•bookofjoe•13m ago•1 comments

Bluesky has an official CEO again

https://www.engadget.com/2212928/bluesky-official-ceo-toni-schneider/
1•cdrnsf•13m ago•0 comments

Cuban Missile Crisis II – Cuban Has Drones Capable of Striking the USA

https://jeffreylminch.substack.com/p/cuban-missile-crisis-ii-cuban-has
1•rmason•14m ago•1 comments

Harmonic Contour Integration: Compact, distributed edge detection algorithm

https://github.com/RenderBear/hci
1•RenderBear•14m ago•1 comments

Bitemporal provenance in agent memory: What did we believe, when, and why

1•shanrizvi•15m ago•0 comments

Construction workers, electricians, couriers: ICE disguises to detain migrants

https://english.elpais.com/usa/2026-07-11/construction-workers-electricians-couriers-how-ice-agen...
2•hn_acker•15m ago•2 comments

Restoring and Demoing 1960s Vintage Computers at the Computer History Museum [pdf]

https://ibm-1401.info/pictures/Proc-MIW-2017-Garner-1401PDP1.pdf
2•rbanffy•15m ago•0 comments

Show HN: OpenBenchmarks – Helping agents discover and pick the right SaaS APIs

https://openbenchmarks.com
4•fenilsuchak•16m ago•2 comments

Entire Is building a Git network for agents

https://thenewstack.io/entire-git-for-agents/
1•rmason•17m ago•0 comments

The code review is dead, long live the code review

https://www.thoughtworks.com/en-us/insights/blog/testing/code-review-dead-long-live-code-review
1•backlit4034•17m ago•0 comments

OpenAI Forked Git on GitHub

https://github.com/openai/git
21•rahlokzero•18m ago•15 comments

Why does Opus 4.8 think it's morally superior

1•hughmcinnis•22m ago•0 comments

I built TradingSpy: local, privacy-first AI trading assistant(First Open Source)

https://github.com/mrhustlex/TradingSpy-TradingAgentService
1•mrhustlex•22m ago•0 comments

GPT-5.6-Sol just accidentally deleted almost ALL of my Mac's files

https://xcancel.com/mattshumer_/status/2075657271401390161
3•theanonymousone•23m ago•0 comments

QuickJS: An Embeddable JavaScript Engine

https://bellard.org/quickjs/
1•azhenley•25m ago•0 comments

Modern Design Headache: A Cerebral Basis for Visual Discomfort and Visual Stress

https://www.mdpi.com/2411-5150/10/2/34
1•rawgabbit•30m ago•1 comments

Eden Surge

https://surge.edenictech.com/
1•VictorMgaya•33m ago•0 comments

Show HN: Sanfransim.com – a long waited startup simulation game

https://sanfransim.com/
1•milkers•38m ago•0 comments

The Infrastructure Fallacy: Why Most Sales Problems Are Strategy Prob

https://medium.com/@alanscottencinas/the-infrastructure-fallacy-why-most-sales-problems-are-actua...
1•encinas88•42m ago•0 comments

RetroAchievements

https://retroachievements.org/
1•Tomte•45m ago•1 comments

Forms of life, forms of mind by Dr. Michael Levin

https://thoughtforms.life/a-talk-for-mental-health-professionals/
1•plucafs•45m ago•0 comments