frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•2mo ago

Comments

kemotep•2mo ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Reinventing the Python Wheel

https://lwn.net/Articles/1028299/
1•zahlman•3m ago•0 comments

Why don't I drink? How much time you got?

https://shaungallagher.pressbin.com/blog/drinking.html
1•jawns•3m ago•0 comments

"Far out, man": how Jimi Hendrix boosted the career of Sha Na Na (2024)

https://faroutmagazine.co.uk/how-jimi-hendrix-boosted-the-career-of-sha-na-na
1•thomassmith65•4m ago•0 comments

Build an AI Agent Web App with String and Lovable

https://pipedream.com/blog/build-an-ai-agent-with-string-lovable/
1•todsacerdoti•5m ago•0 comments

Cascading retrieval with multi-vector representations

https://www.pinecone.io/blog/cascading-retrieval-with-multi-vector-representations/
1•gk1•11m ago•0 comments

Earn $200 by referring only. FREE

https://waitlister.me/p/trading-platform-of-the-future
1•DavidvsGoliath•12m ago•0 comments

What a bumble bee chooses to eat may not match its ideal diet

https://phys.org/news/2025-07-bumble-bee-ideal-diet.html
1•PaulHoule•12m ago•0 comments

Shutting Down Clear Linux OS

https://community.clearlinux.org/t/all-good-things-come-to-an-end-shutting-down-clear-linux-os/10716
7•todsacerdoti•15m ago•2 comments

Nuxt Joins Vercel

https://vercel.com/blog/nuxtlabs-joins-vercel
1•rattray•19m ago•1 comments

The Kap Programming Language

https://kapdemo.dhsdevelopments.com/examples.html
2•thunderbong•25m ago•0 comments

A Software for One

https://www.jasonthorsness.com/30
2•jasonthorsness•25m ago•0 comments

Women Are Falling Behind in America's Return to the Office

https://www.wsj.com/lifestyle/careers/return-to-office-gender-gap-236392aa
5•bdev12345•26m ago•0 comments

Astronomer launches internal investigation after viral Coldplay video

https://www.cnn.com/2025/07/18/entertainment/coldplay-concert-kiss-cam-astronomer-investigation
2•bb88•26m ago•0 comments

Build your CV on Subreply as a LinkedIn alternative

https://subreply.com/lm
4•lcnmrn•30m ago•0 comments

Curse Not the King

https://daringfireball.net/2025/07/curse_not_the_king_cbs_colbert_trump
2•Bogdanp•31m ago•0 comments

The Physics of Dissonance (MinutePhysics) [video]

https://www.youtube.com/watch?v=tCsl6ZcY9ag
1•jerf•36m ago•0 comments

Billionaire Gabe Newell: pitching VCs makes no business sense

https://www.pcgamer.com/gaming-industry/multi-billionaire-gabe-newell-says-the-whole-startup-culture-of-pitching-vcs-for-capital-makes-no-business-sense-a-great-way-of-destroying-money-and-wasting-peoples-time/
6•e2e4•36m ago•0 comments

Ccusage: A CLI tool for analyzing Claude Code usage from local JSONL files

https://github.com/ryoppippi/ccusage
14•kristianp•37m ago•3 comments

Fuzzing macOS Userland (For Fun and Pain)

https://marqcodes.com/fuzzyingforfun.html
1•N3Xxus_6•38m ago•0 comments

Free Online Minesweeper

https://www.freeonlineminesweeper.com
1•avonmach•39m ago•0 comments

DHH – I Hate TypeScript (3 min video)

https://www.youtube.com/watch?v=tyjUH5TLSTM
3•rmason•44m ago•0 comments

Show HN: Interactive Bash tutorial that runs in the browser

https://sandbox.bio/tutorials/bash-script
2•raboukhalil•47m ago•0 comments

Show HN: Castream – Native iOS/Android IRL multistreaming app

1•acabralto•47m ago•0 comments

There Is No Antimemetics Division – A Novel (2025)

https://www.penguinrandomhouse.com/books/783041/there-is-no-antimemetics-division-by-qntm/
2•Duanemclemore•51m ago•1 comments

First earthquake, then fire: UC San Diego researchers test steel building

https://www.kpbs.org/news/science-technology/2025/07/17/first-earthquake-then-fire-uc-san-diego-researchers-test-steel-building
2•littlexsparkee•53m ago•1 comments

Ask HN: What are your favorite open source AI agent implementations?

2•kanodiaashu•54m ago•0 comments

Node.js 18 is being deprecated

https://vercel.com/changelog/node-js-18-is-being-deprecated
1•ananddtyagi•58m ago•0 comments

EPA says it will eliminate its scientific reseach arm

https://www.nytimes.com/2025/07/18/climate/epa-firings-scientific-research.html
46•anigbrowl•59m ago•9 comments

Vibe coding? AI assisted coding? I prefer being an AI micromanager [video]

https://www.youtube.com/watch?v=3gnfOnhC1EA
5•godot•1h ago•0 comments

"Pitch in " Anti-Litter PSA (1973) [video]

https://www.youtube.com/watch?v=Sba0GzhZ088
1•petethomas•1h ago•0 comments