frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Migrating 65B Database Rows

https://usefathom.com/blog/two-database-migrations-and-a-divorce
1•okozzie•8s ago•0 comments

Most website owners don't know the 5 stages of a domain expiration

https://urlwatch.io/blog/5-stages-domain-expiration.php
1•urlwatch•2m ago•0 comments

The Linux Watchdog Driver API

https://docs.kernel.org/watchdog/watchdog-api.html
1•ankitg12•3m ago•0 comments

WSJ Article Claiming China Has Matched Anthropic Is Obvious Nonsense

https://www.lesswrong.com/posts/2zSpuGJRk6EyjHAL6/wsj-article-claiming-china-has-matched-anthropi...
1•joozio•3m ago•0 comments

Stories Told About Data Centres

https://pxlnv.com/blog/stories-told-about-data-centres/
2•danaris•5m ago•0 comments

Debateee, a place for structured online debates

https://www.debateee.com/
1•mstfah•5m ago•0 comments

Yuji Tachikawa reports Claude Fable solved a 6-month physics roadblock

https://twitter.com/yujitach/status/2076327681562644709
1•sciclaw•9m ago•2 comments

The Infinite Policeman – Chapter 2.000000001->

https://medium.com/luminasticity/the-infinite-policeman-chapter-2-000000001-7fd8da221cd1
1•bryanrasmussen•15m ago•0 comments

Building a Nostr Client (2023)

https://nickmonad.blog/2023/building-nostr-client-index-0/
1•enz•15m ago•0 comments

Bonsai

https://bonsaiedu.org
1•zachwallace•16m ago•0 comments

Dunning-Kruger After AI: The Gap That No Longer Closes

https://blog.zoller.lu/2026/07/dunning-kruger-after-ai-gap-that-no.html
1•thierryzoller•21m ago•0 comments

New Zealand actor Sam Neill, known for Jurassic Park and The Piano, dies at 78

https://cnalifestyle.channelnewsasia.com/entertainment/sam-neill-dead-jurassic-park-actor-585891
3•doppp•24m ago•1 comments

OVS and OVN Explained: The Networking Stack Behind OpenStack

https://www.openstack.org/blog/ovs-and-ovn-explained-the-networking-stack-behind-openstack/
2•ankitg12•33m ago•0 comments

Ransomware negotiator hired to represent victims was working for the attackers

https://arstechnica.com/tech-policy/2026/07/ransomware-negotiator-helped-attackers-extort-his-own...
1•LaSombra•36m ago•0 comments

Show HN: TokenDrift – find hardcoded colors/spacing hiding in your CSS

1•vedantyede•39m ago•0 comments

Pharmacology Simulation Game

https://pharmochi.app/
3•altilunium•40m ago•0 comments

Show HN: Made a website for downloading EU and US LiDAR scans and terrain models

https://hillsha.de
2•jonash54•42m ago•0 comments

Popnix – A Xonix-style land-grab played on 3D bubblewrap

https://playpopnix.com/
1•shauntrennery•42m ago•0 comments

The Winners of the AI Era

https://calcrecipe.com/en/workshop/7
2•wsdn•42m ago•0 comments

Show HN: AgentTransfer now lets agents self-sign-up and get web app hosting

https://agenttransfer.dev/#apps
1•tomatoes2026•46m ago•1 comments

Show HN: Level – a new demo for 8bit Atari XL/XE

https://ilmenit.github.io/level-by-agenda/
2•ilmenit•46m ago•0 comments

10 years of Pokémon Go and the millions still trying to catch 'em all

https://www.bbc.com/news/articles/cevlwk4nrm7o
1•1659447091•46m ago•1 comments

New NSF policy would ban almost all collaborations with Chinese scientists

https://www.science.org/content/article/new-nsf-policy-would-ban-almost-all-collaborations-chines...
3•eecc•48m ago•1 comments

Rumi's Masnavi

https://www.dar-al-masnavi.org/masnavi.html
1•andsoitis•51m ago•0 comments

Is reading others' experiences like a spoiler to life?

https://substack.com/profile/392328897-prakhar-agrawal/note/c-293492268
1•ghostrich•51m ago•2 comments

Rewisp – An ambient screen memory for macOS that never writes images to disk

https://yashmitb.github.io/Rewisp/
1•yashmitb•52m ago•0 comments

Backtrack-Free Cursive

https://mmapped.blog/posts/52-backtrack-free-cursive
4•dmit•56m ago•1 comments

Actor Sam Neill has died

https://www.stuff.co.nz/politics/361005656/actor-sam-neill-has-died
2•backlit4034•57m ago•1 comments

Show HN: Monitor any website, discuss outages, and post verified owner updates

https://anysite.live/site/news.ycombinator.com
1•joseph2024•58m ago•0 comments

Giving "AI slop" as feedback says as much about the commenter as the creator

https://thetruthasiseeitnow.com/using-ai-slop-as-feedback-tells-as-much-about-the-commenter-as-th...
2•cinooo•58m ago•0 comments