frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•2mo ago

Comments

kemotep•2mo ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Crew abandons ship attacked in the Red Sea, UK military says

https://apnews.com/article/yemen-red-sea-ship-attacked-2f10bed442ebca4aa026b5dc67a05b76
1•geox•48s ago•0 comments

Archaeologists in Peru unveil 3,500 year old city that linked coast and Andes

https://www.reuters.com/science/archaeologists-peru-unveil-3500-year-old-city-that-linked-coast-andes-2025-07-03/
1•wslh•3m ago•0 comments

ECC SystemVerilog Generator

https://github.com/siliscale/ECC-SV_Generator
1•marcux95•5m ago•0 comments

Migrating the Jira Database Platform to AWS Aurora

https://www.atlassian.com/blog/atlassian-engineering/migrating-jira-database-platform-to-aws-aurora
1•defrost•12m ago•0 comments

She Wanted to Save the World from A.I. Then the Killings Started

https://www.nytimes.com/2025/07/06/business/ziz-lasota-zizians-rationalists.html
3•davidklemke•15m ago•1 comments

New Intel E610 NICs Shown for Low Power 10Gbase-T and 2.5GbE

https://www.servethehome.com/new-intel-e610-nics-shown-for-low-power-10gbase-t-and-2-5gbe/
2•ksec•20m ago•1 comments

Apple Lisa conversion to Macintosh XL Do-it-Yourself Guide (1990) [pdf]

https://mirrors.apple2.org.za/ftp.apple.asimov.net/documentation/applelisa/Lisa_Do-It-Yourself_Guide.pdf
2•gscott•26m ago•1 comments

OpenBSD on the 2020 M1 MacBook Air (2022)

http://kernelpanic.life/hardware/openbsd-m1-macbook-air.html
3•bradley_taunt•28m ago•0 comments

The Human Use of Human Beings

https://en.wikipedia.org/wiki/The_Human_Use_of_Human_Beings
3•downboots•33m ago•0 comments

Waterbot – a discord bot that controls pins on a raspberry with natural language

https://github.com/fclaude/waterbot
2•fclaude•34m ago•0 comments

Anthropic wins key US ruling on AI training in authors' copyright lawsuit

https://www.reuters.com/legal/litigation/anthropic-wins-key-ruling-ai-authors-copyright-lawsuit-2025-06-24/
5•pyman•42m ago•3 comments

Free AI Hiring Demo – Paraform

https://paraform-genie-magic.lovable.app/
2•lkhoshnevis•45m ago•1 comments

One Year with a Framework Laptop 16 and Fedora KDE Plasma Desktop

https://linhpham.org/blog/2025/one-year-with-framework-laptop-16-fedora-kde-desktop/
2•nmstoker•48m ago•0 comments

Plasma 6.4 Wayland vs. X11, processor and power benchmarks

https://www.dedoimedo.com/computers/plasma-6-4-performance-wayland-x11-power-cpu-kernel.html
3•airhangerf15•48m ago•0 comments

The Dangers of AI Personalization

https://time.com/7296719/ai-personalization-harm-essay/
3•malshe•49m ago•0 comments

The Mental Model of Server Components

https://saewitz.com/the-mental-model-of-server-components
2•PaulHoule•53m ago•0 comments

Show HN: A pure photo collage tool

https://imagesplitter.org/merge-images
2•panyanyany•54m ago•0 comments

Attabotics CEO on devastating week that brought bankruptcy

https://retailtechinnovationhub.com/home/2025/7/6/attabotics-ceo-scott-gravelle-opens-up-about-devastating-week-that-saw-bankruptcy-and-tesco-deal
9•bcantrill•58m ago•4 comments

Show HN: A Language Server Implementation for SystemD Unit Files

https://github.com/JFryy/systemd-lsp
2•arandomhuman•1h ago•0 comments

Self-Cleaning Ants

https://gbragafibra.github.io/2025/07/06/collatz_ant6.html
3•Fibra•1h ago•0 comments

Show HN: WhatsApp Contact Exporter

https://chromewebstore.google.com/detail/whatsapp-contact-exporter/dlplljmhphnabhmlhjplfgpakefmfhho
2•qwikhost•1h ago•0 comments

Weedkiller ingredient widely used in US can damage organs and gut bacteria

https://www.theguardian.com/environment/2025/jul/06/weedkiller-diquat-organ-damage-study
5•vinni2•1h ago•0 comments

I built a free website for remote workers to find laptop friendly coffee shops

https://studynearme.com/
2•kicksent•1h ago•1 comments

I spent $80 and 14 hours to build this, welcome to my new website!

https://chiraga.io/blog/welcome/
2•chiragagrawal93•1h ago•0 comments

Are Language Models strategic or parrots?

https://www.kennethpayne.uk/p/are-language-models-strategic-or
2•car•1h ago•0 comments

Ask HN: Has AWS ever surprised you with a bill?

3•noway_bro•1h ago•0 comments

U.S. Insurers Are Refusing to Cover Climate Change Risk Zones

https://oilprice.com/Energy/Energy-General/US-Insurers-Are-Refusing-to-Cover-Climate-Change-Risk-Zones.html
7•toomuchtodo•1h ago•3 comments

Pangu's Sorrow: The Sorrow and Darkness of Huawei's Noah Pangu LLM R&D Process

https://github.com/moonlightelite/True-Story-of-Pangu/blob/main/README.md
3•guardiangod•1h ago•1 comments

Sandboxes? In my process? It's more likely than you think

https://dadrian.io/blog/posts/memory-safety-and-sandboxes/
2•dadrian•1h ago•0 comments

Ask HN: How is the tech scene in LA?

4•asdev•1h ago•0 comments