frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

The first industrial operations benchmark for agents

https://solarbench.maingen.ai/
1•phillipyan•26s ago•0 comments

The software engineering lesson I wish I'd learned much earlier [video]

https://www.youtube.com/watch?v=I1Iw5yKmR5U
1•phenrys•2m ago•0 comments

The $110/month self-improving pipeline

https://andywidjaja.com/blog/110-pipeline
1•gmays•4m ago•0 comments

The Internet is unusuable when petty content is promoted

1•VitaSetLLC•5m ago•0 comments

New flapping robot swims and flies like a diving bird

https://news.mit.edu/2026/new-flapping-robot-swims-and-flies-like-diving-bird-0709
2•hackernj•6m ago•0 comments

Show HN: A pre-launch scanner for AI-built apps (it scores itself 60/100)

https://shippingszn.com/
1•keeptahoeblue•10m ago•0 comments

Sideshow – A live visual surface for your terminal coding agent

https://github.com/modem-dev/sideshow
1•theblazehen•12m ago•0 comments

Why the Job Search Sucks (2018)

https://blog.webb.page
2•NetOpWibby•14m ago•2 comments

Soon We Won't Program Computers. We'll Train Them Like Dogs (2016)

https://www.wired.com/2016/05/the-end-of-code/
1•mbil•15m ago•0 comments

Gibraltar land grab stirs age-old dispute with Spain

https://www.ft.com/content/58d83b39-79c6-41f0-89c8-04856483d4e1
1•mmarian•16m ago•1 comments

REO Trucks I4 4WD Pickup Truck Starts at $21,500

https://reotrucks.com
1•b_mc2•16m ago•0 comments

What a $20 coding subscription actually buys

https://tailscale.com/blog/aperture-ai-passthrough-subscription-costs
1•Brajeshwar•19m ago•0 comments

The unreasonable difficulty of time series forecasting

https://suzyahyah.github.io/machine%20learning/2026/06/27/trouble-with-time-series.html
2•suzyahyah•20m ago•0 comments

OpenAI Strategic Lead Defines Open-Source AI as Dystopian Hellscape

https://twitter.com/deanwball/status/2078133895766114412
2•shellwirt•21m ago•0 comments

Show HN: Get alerts for good seats at 70mm IMAX showings of The Odyssey

https://imaxxing.io/
6•andrewtorkbaker•23m ago•3 comments

Electron apps: web browsers in a trenchcoat

https://ssg.dev/electron-apps-web-browsers-in-a-trenchcoat/
2•sedatk•28m ago•1 comments

The Death of the Software Developer

https://aimakesmesad.com/the-death-of-the-software-developer/
3•Rudism•31m ago•2 comments

Tangled · The next-generation social coding platform

https://tangled.org
1•antfarm•33m ago•1 comments

Ask HN: What did you learn last month? (June 2026)

1•bhu1st•33m ago•0 comments

PgGraph: Transform your Postgres data to graphs

https://github.com/Evokoa/pgGraph
1•handfuloflight•34m ago•0 comments

Freya 0.4 – Rust GUI library

https://freyaui.dev/posts/0.4
2•birdculture•35m ago•0 comments

In Germany if you say a restaurant is just ok they send the gestapo after you

https://twitter.com/eigen_moomin/status/2077471686295957749
15•bko•36m ago•8 comments

Orchflows: Build self-improving loops in one sentence

https://github.com/DanMcInerney/orchflows
3•DanMcInerney•39m ago•0 comments

Lucy 2.5 – Realtime Video Editing via World Model

https://lucy.decart.ai/
1•ProjectBarks•42m ago•0 comments

British runner Josh Kerr smashes 27-year-old men's mile record

https://www.espn.com/olympics/story/_/id/49391430/british-runner-josh-kerr-smashes-27-year-old-me...
3•linuxfan2718•43m ago•0 comments

Controlling Reasoning Effort in LLMs

https://magazine.sebastianraschka.com/p/controlling-reasoning-effort-in-llms
1•matt_d•43m ago•0 comments

New Drone Nearly Disappears in Flight

https://www.youtube.com/watch?v=1mUgyV3A1O0
1•bookofjoe•53m ago•1 comments

The Kimi K3 Moment

https://stephen.bochinski.dev/blog/2026/07/18/the-kimi-k3-moment/
3•sbochins•57m ago•0 comments

Sushi – Your Raw Data Served Perfectly

https://trysushi.xyz
2•premxai•59m ago•0 comments

A 30-year-old open problem in complexity theory resolved by GPT-5.6 Pro

https://zenodo.org/records/21431468
1•bmisterxster•59m ago•0 comments