frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Show HN: Bulk download YouTube transcripts–free per video, pay once

https://ytbulktranscript.app/
1•not_wowinter13•1m ago•0 comments

Shared Memory vs. Isolated Memory for AI Agents

https://wolbarg.com/blog/shared-memory-vs-isolated-memory
1•atharvmunde•1m ago•0 comments

Roger Summit, Who Invented an Early Online Search Service, Dies at 95

https://www.nytimes.com/2026/07/17/technology/roger-summit-dead.html
1•donohoe•1m ago•0 comments

Mal – Make a Lisp, implemented in 89 Languages

https://github.com/kanaka/mal
1•lioeters•1m ago•0 comments

Show HN: I built CraftVis, an AI image editor

https://craftvis.com
1•Samlion•2m ago•0 comments

'Adversarial clothing': Garments designed to confuse facial recognition systems

https://www.theguardian.com/fashion/2026/jul/17/adversarial-clothing-are-garments-designed-to-con...
1•Jimmc414•2m ago•0 comments

Thermodynamic Computers Go with the (Energy) Flow

https://www.quantamagazine.org/thermodynamic-computers-go-with-the-energy-flow-20260715/
1•rbanffy•2m ago•0 comments

The Life and Times of Maxis, Part 2: SimWorld

https://www.filfre.net/2026/07/the-life-and-times-of-maxis-part-2-simworld/
1•doppp•2m ago•0 comments

NyarchLinux proposes a (kindof) age verification system for open source OS

https://twitter.com/NyarchLinux/status/2078147537022730677
1•hinata08•3m ago•1 comments

Run AI Agents from Jira, Linear, GitHub Issues, or Markdown

https://github.com/alexrolls/startup-factory
1•alexberlinde•4m ago•0 comments

A Slower AI Payoff Would Be Everyone's Problem

https://www.apollo.com/wealth/insights-news/insights/daily-spark/a-slower-ai-payoff-would-be-ever...
1•simonebrunozzi•5m ago•0 comments

How to Maintain Our Privacy in the AI Age

https://www.wsj.com/tech/cybersecurity/ai-privacy-laws-data-26d9769f
1•herbertl•7m ago•0 comments

Brazil's Pix – The payments darling in Trump's tariff crosshairs

https://www.ft.com/content/efbec9a7-a3d9-45e6-8ade-c0660f31ecc7
1•alephnerd•7m ago•0 comments

Nordstjernen web browser version 1.0.19 release

2•andreasrosdal•8m ago•1 comments

Next level business card 5D

https://kmay89.com/
1•kmeves•8m ago•2 comments

Smartphones Erode the Public World

https://www.thenewatlantis.com/publications/byung-chul-han-what-happened-to-freedom
1•keiferski•8m ago•0 comments

Financial Awareness should be free for everyone

https://cardneuro.com/
1•AmiPatel•9m ago•0 comments

I Used Spotlistr Every Week. Then Playlist Creation Started Costing Credits

https://yyyokel.com/spotlistr-credits-track-down-free-alternative/
1•wompapumpum•10m ago•0 comments

Nvidia Announces Expanded Jetson Thor Lineup with Mid-Range T3000, T2000 Modules

https://www.servethehome.com/nvidia-announces-expanded-jetson-thor-lineup-with-mid-range-t3000-an...
2•rbanffy•10m ago•0 comments

Ask HN: Do you have ideas on dealing with AI contributions to open source?

1•netniuq•10m ago•0 comments

Portable AI Memory or Permanent Lock-In

https://stantyan.com/blog/portable-ai-memory-or-permanent-lock-in/
1•stantyan•10m ago•0 comments

China just erased America's AI lead

https://www.axios.com/2026/07/17/china-ai-kimi-k3-open-source-anthropic-opus
2•jonbaer•11m ago•0 comments

New Jersey launches procurement process for new nuclear

https://world-nuclear-news.org/articles/new-jersey-launches-procurement-process-for-new-nuclear
2•geox•12m ago•0 comments

The Colorado River's 2 biggest reservoirs just hit a new record low

https://www.sltrib.com/news/environment/2026/07/17/combined-storage-lake-powell-lake/
2•toomuchtodo•13m ago•2 comments

Mincdp – Give Claude eyes and hands in a browser, in ~410 lines of C

https://github.com/Anode1/mincdp
1•siberean•13m ago•0 comments

What lawyers can do for AI safety

https://martinsays.substack.com/p/what-lawyers-can-do-for-ai-safety
1•mrmarmac•15m ago•0 comments

MecoScribe: FOSS Local Audio Transcription for macOS with Speaker Detection

https://github.com/HeyMeco/MecoScribe
2•HeyMeco•15m ago•1 comments

Trump Set Fire to America's Election Defenses. Now He's Pointing at the Smoke

https://weaponizedspaces.substack.com/p/trump-set-fire-to-americas-election
3•rbanffy•16m ago•0 comments

Don't remove the bottlenecks, rather upgrade them

https://shrsv.hexmos.com/post/don%27t-remove-the-bottlenecks,-rather-upgrade-them
2•atomicnature•17m ago•0 comments

I'm shutting down my AI SaaS – Post Mortem

https://johnathanward.com/im-shutting-down-content-goblin-a-post-mortem/
2•johnward•22m ago•0 comments