frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Continuous low-intensity ultrasound downregulates inflammation in macrophages

https://www.nature.com/articles/s41598-026-53228-6
1•bookofjoe•33s ago•0 comments

Why your AI bill is bigger than it should be

https://leaddev.com/ai/why-your-ai-bill-is-bigger-than-it-should-be
1•chhum•2m ago•0 comments

Opinion: I Was Not Allowed to Type Prompts into ChatGPT During My Chalk Talk

https://inpreparation.substack.com/p/opinion-i-was-not-allowed-to-type
1•mold_aid•4m ago•1 comments

Show HN: Waisly – a budgeting app that never asks for your bank login

https://getwaisly.app/en
1•Vadim7j7•5m ago•0 comments

JSP for Practical Program Design (1996)

https://archive.org/details/jspforpracticalp0000dudm
1•turtleyacht•7m ago•1 comments

Phone Number Carrier and Line Type with Python and the Telnyx Number Lookup

https://telnyx.com/resources/phone-number-carrier-lookup-python
1•harpreetseehra•8m ago•0 comments

Show HN: Irongate – Serverless Auth on AWS

https://github.com/RobinSrimal/irongate
2•maltaro•8m ago•0 comments

Show HN: HackerNows – Native iOS HN Client

https://hackernows.app/
3•maguszin•10m ago•1 comments

Private equity firm acquires MariaDB (2024)

https://k1.com/k1-acquires-mariadb/
1•elisaado•11m ago•0 comments

BIS Annual Report AI Scenarios

https://www.bis.org/publ/arpdf/ar2026e1.htm
1•2716057•13m ago•0 comments

Show HN: I built an automated productivity system (Telegram –> Notion)

https://singhos.com/
2•RS_Singh•15m ago•0 comments

Loop Engineering – Andrew Ng

https://twitter.com/AndrewYNg/status/2071988145667928442
3•vismit2000•16m ago•0 comments

How to Save a Claude Chat as a PDF [video]

https://www.youtube.com/watch?v=TkucXHpChDE
2•quysala12•25m ago•0 comments

Eight irritating ways America has ruined this World Cup

https://inews.co.uk/sport/football/world-cup-america-eight-irritating-ways-4489438
2•jjgreen•26m ago•2 comments

The Internet I Grew Up with Doesn't Exist Anymore

https://cleberg.net/blog/internet.html
2•felixdoerp•29m ago•1 comments

TokenBudgeting: Our Conversations with Enterprises on Token Spend

https://newsletter.semianalysis.com/p/tokenbudgeting-our-conversations
1•felixdoerp•30m ago•0 comments

When Impressive Performance Gains Do Not Matter

https://blog.colinbreck.com/when-impressive-performance-gains-do-not-matter/
2•signa11•31m ago•0 comments

MacBook Air M4 for development: 1 year review

https://notnotp.com/notes/macbook-air-m4-for-dev/
1•chmaynard•35m ago•0 comments

Apple 'Hide My Email' Vulnerability Reveals Peoples' Real Email Addresses

https://www.404media.co/apple-hide-my-email-vulnerability-reveals-peoples-real-email-addresses/
2•sashk•36m ago•0 comments

Apple iPhone 18 Pro supplier list, parts and photos exposed in Tata data leak

https://www.reuters.com/business/media-telecom/apple-iphone-18-pro-supplier-list-parts-photos-exp...
3•aravpanwar•36m ago•0 comments

Building AGI Using Language Models (2020)

https://bmk.sh/2020/08/17/Building-AGI-Using-Language-Models/
1•rzk•39m ago•0 comments

Stop handwaving away nearly every petition that gains traction on this website

https://petition.parliament.uk/petitions/771707
3•robin_reala•39m ago•0 comments

Shoe Tray Forming Machine

https://eggtraytz.com/shoe-tray-forming-machine/
1•shuliymachinery•40m ago•1 comments

Transcribe.cpp – ggml speech-to-text inference engine

https://github.com/handy-computer/transcribe.cpp
1•sipjca•42m ago•0 comments

We put a Redis server inside our runtime

https://encore.dev/blog/redis-runtime
5•eandre•44m ago•0 comments

The YAML document from hell (2023)

https://ruuda.nl/2023/the-yaml-document-from-hell
1•vismit2000•45m ago•0 comments

Ask HN: Which GitHub features are needed in a code forge before you can migrate?

2•pksunkara•47m ago•1 comments

Asahi Linux 7.1 Progress Report

https://asahilinux.org/2026/06/progress-report-7-1/
75•pantalaimon•49m ago•7 comments

AI models' values are different from most people's

https://www.economist.com/briefing/2026/06/25/ai-models-values-are-very-different-from-most-peoples
2•felixdoerp•51m ago•0 comments

Universal Path Converter

https://universalpathconverter.com/
1•ankitg12•51m ago•0 comments