frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

The FBI built its own replica small town to simulate real-world cyberattacks

https://techcrunch.com/2026/06/13/the-fbi-built-its-own-replica-small-town-to-simulate-real-world...
1•gnabgib•2m ago•0 comments

Dari AI – An all-in-one AI assistant for macOS that runs on-device

https://apps.apple.com/kz/app/dari-ai/id6779357765?mt=12
1•KZ_AI•3m ago•0 comments

I love LLMs, I hate hype

https://geohot.github.io//blog/jekyll/update/2026/07/12/i-love-llms.html
2•therepanic•4m ago•0 comments

Show HN: FFI bindings for the Rockbox DSP, metadata, and playback engine

https://github.com/tsirysndr/rockboxd/tree/master/bindings
1•tsiry•5m ago•0 comments

Claude Code sends 33k tokens before reading the prompt; OpenCode sends 7k

https://systima.ai/blog/claude-code-vs-opencode-token-overhead
3•systima•10m ago•0 comments

ZeroOS New Operating System

1•apexbyte•10m ago•0 comments

Court

https://lilting.ch/en/articles/claude-code-court-tool-call-hang
1•kekqqq•11m ago•0 comments

I Lit Up an LED Using Only Lemons "No Batteries"

https://comuniq.xyz/post?t=1388
1•01-_-•13m ago•0 comments

I Learned to Read Again

https://substack.magazinenongrata.com/p/how-i-learned-to-read-again
1•georgex7•13m ago•0 comments

Formally verified temporal collisions in Kafka, NATS, RabbitMQ, and Pulsar

https://zenodo.org/records/21298530
1•illyar80•14m ago•0 comments

Building Going on to Convert Institution from a Revolutionary Makeshift (1933)

https://www.nytimes.com/1933/07/27/archives/nazi-prison-camps-to-be-permanent-building-going-on-a...
1•dredmorbius•15m ago•1 comments

Songs in Sign Language Reimagines Disney Musical Moments in ASL [video]

https://www.youtube.com/watch?v=v47p7XHLxYw
1•bane•18m ago•0 comments

Enriched environment exposure accelerates rodent driving skills

https://www.sciencedirect.com/science/article/pii/S0166432819311763
1•AFF87•19m ago•0 comments

Show HN: CC Founder Decision Engine

https://github.com/michaelaz774/decision-engine
1•michael774•20m ago•0 comments

AI and the Fall of Writing

1•Flundstrom2•27m ago•4 comments

Taliban Declares War on Smartphones

https://www.npr.org/2026/07/10/g-s1-132396/smartphones-taliban-afghanistan-ban
3•paulpauper•28m ago•0 comments

FCC Approves Test of Space Mirror to Light Night Sky Despite Outcry

https://www.nytimes.com/2026/07/10/climate/fcc-space-mirror.html
1•paulpauper•28m ago•0 comments

From A.I. To the Deep State, Michel Foucault Foresaw It All

https://www.nytimes.com/2026/07/10/books/review/michel-foucault-ai-tech-power.html
1•paulpauper•29m ago•0 comments

Ask HN: Recommended technographic API?

1•Poomba•30m ago•0 comments

Can We Understand How Large Language Models Reason?

https://cacm.acm.org/news/can-we-understand-how-large-language-models-reason/
2•adunk•31m ago•0 comments

MaFrida v0.3.0 Is Out

https://github.com/theShinigami/MaFrida
1•shiroChef•33m ago•0 comments

Dead Process Mate – a menu-bar app to kill leftover Node/dev processes

https://github.com/BartosK97/dead-process-mate
1•bartosk97•33m ago•0 comments

Claude Code May–July 2026 weekly limits promotion

https://support.claude.com/en/articles/15910845-claude-code-may-july-2026-weekly-limits-promotion
36•alvis•34m ago•44 comments

Cosmic is quietly doing things GNOME and KDE still make you fight for

https://www.xda-developers.com/cosmic-hit-version-1-2-quietly-doing-things-gnome-kde-still-make-y...
4•naves•37m ago•0 comments

Show HN: Scramble Quest

https://scramblequest.app/
1•furyofantares•38m ago•0 comments

Teardown: A Generic 7-Port USB 3.0 Hub That Wasn't

https://goughlui.com/2026/07/09/teardown-a-generic-7-port-usb-3-0-hub-that-wasnt/
1•speckx•38m ago•0 comments

Show HN: Pgnudge - tell your app which Postgres tables just changed

https://github.com/janbjorge/pgnudge
1•jeeybee•38m ago•0 comments

I Put My Son in a Swamp

https://thepotato.tech/posts/i-put-my-son-in-a-swamp/
1•nickstinemates•43m ago•0 comments

The WiFi Certificate That Didn't Exist an Hour Ago

https://thepotato.tech/posts/the-wifi-cert-that-didnt-exist-an-hour-ago/
1•nickstinemates•44m ago•0 comments

The Most Famous AI Writing Tic Is Also the Most Mysterious

https://www.theatlantic.com/technology/2026/07/ai-chatbot-writing-tic-negative-parallelism/687892/
1•tekdude•46m ago•0 comments