frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Seamless iPad (or any device that can run a web browser) drawing into org-mode

https://github.com/larrasket/org-pad.el
1•lr0•1m ago•0 comments

China cracks down on AI companions, forcing millions to break up

https://www.abc.net.au/news/2026-07-19/china-cracks-down-on-artificial-intelligence-companions/10...
1•defrost•2m ago•1 comments

Archaeologists found Homer's Iliad inside a 1,600-year-old Egyptian mummy

https://www.sciencedaily.com/releases/2026/07/260713084918.htm
1•NordStreamYacht•15m ago•0 comments

IceCream – Never use print() to debug again

https://github.com/gruns/icecream
1•gregsadetsky•16m ago•0 comments

Claude Is Painful

4•kderbyma•17m ago•2 comments

Deepsec

https://github.com/vercel-labs/deepsec
1•handfuloflight•22m ago•0 comments

AI Mania Is Eviscerating Global Decision-Making

https://ludic.mataroa.blog/blog/ai-mania-is-eviscerating-global-decision-making/#fnref:3
3•subset•26m ago•1 comments

Prompt Injection Attacks Are Thwarting AI Hacking Agents

https://arstechnica.com/security/2026/07/now-defenders-are-embracing-the-prompt-injection-too/
1•sbulaev•29m ago•1 comments

Doctors question evidence behind Pentagon plan for testosterone screening

https://www.theguardian.com/us-news/2026/jul/18/us-military-testosterone-screening-doctors
1•wslh•30m ago•1 comments

University of Illinois is insuring itself against a drop in Chinese students

https://www.chicagobusiness.com/education/university-illinois-insurance-decline-chinese-enrollment/
2•MaysonL•31m ago•1 comments

AI as Normal Technology

https://knightcolumbia.org/content/ai-as-normal-technology
1•elsewhen•32m ago•0 comments

Ergonomic keyboard generator with hand scanning

https://ryanis.cool/cosmos/
1•ffin•35m ago•0 comments

My app just got approved by the App Store

https://apps.apple.com/us/app/kleios/id6765974356
2•idclark34•39m ago•5 comments

No, an AI cannot know the future and never will..

https://pulkitsharma.substack.com/p/no-an-ai-cannot-know-the-future-and
1•pulkitsh1234•40m ago•0 comments

Cash is king again at Tokyo's bars after credit processor fails

https://www.japantimes.co.jp/business/2026/07/14/companies/zentoshin-kabukicho-bar-cash/
1•mikhael•40m ago•0 comments

Flightwake – a flight recorder for AI coding agents, not a navigator

https://github.com/kaiwutech-TW/flightwake
1•kaiwuTW•41m ago•0 comments

Superformula

https://en.wikipedia.org/wiki/Superformula
2•elsewhen•44m ago•0 comments

Social media algorithms: accumulated aesthetic artifacts

https://henderson.lol/posts/202607-social-media-algorithms-accumulated-aesthetic-artifacts
3•hendersonreed•52m ago•0 comments

Cloud providers are out of B200 GPUs after the Inkling release

https://twitter.com/Akashi203/status/2078615659366252877
4•Jr23_xd•55m ago•0 comments

Better and Cheaper Than IPTV

https://github.com/stupside/castor
16•xonery•56m ago•4 comments

Lobsters Interview with matheusmoreira about Lone Lisp

https://alexalejandre.com/interviews/interview-with-matheus-moreira/
4•birdculture•58m ago•1 comments

Show HN: EnviousWispr, an open-source Wispr Flow alternative for macOS

https://github.com/saurabhav88/EnviousWispr
1•EnviousLabs•1h ago•0 comments

I built code-repair training data and shipped the eval so you can rerun it

https://huggingface.co/datasets/TrueSET/verified-code-repair
1•TrueSET_Data•1h ago•2 comments

Miserere (Allegri)

https://en.wikipedia.org/wiki/Miserere_(Allegri)
2•thunderbong•1h ago•0 comments

AI Assisted Vulnerability Research on Embedded Targets

https://quentinkaiser.be/security/2026/07/18/ia-assisted-vuln-research/
1•snorbleck•1h ago•0 comments

Cmpunlocker – Unlock Full GA100 Compute and 64GB HBM2e on the Nvidia CMP 170HX

https://github.com/amoghmunikote/cmpunlocker
1•amoghmunikote•1h ago•0 comments

Transcribe.cpp

https://workshop.cjpais.com/projects/transcribe-cpp
46•sebjones•1h ago•5 comments

One token is enough: fingerprinting LLMs from one token output distributions

https://arxiv.org/abs/2607.10252
3•anigbrowl•1h ago•0 comments

AI as Normal Technology- What Will Be Left for Us to Work On?

https://www.cs.princeton.edu/~arvindn/talks/icml-2026-annotated-slides/#
2•aanet•1h ago•5 comments

The 2026 Developer Survey is Live

https://meta.stackoverflow.com/questions/439978/the-2026-developer-survey-is-live
3•joshdavham•1h ago•2 comments