frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

GPT-5.6 unexpected file deletions

https://twitter.com/thsottiaux/status/2077630111499882637
1•lobo_tuerto•28s ago•0 comments

I've been thinking about null pointers

https://sebsite.pw/w/20260715-null.html
1•birdculture•1m ago•0 comments

U.S. approval of giant 'space mirror' satellite alarms astronomers

https://www.scientificamerican.com/article/u-s-approval-of-giant-space-mirror-satellite-alarms-as...
1•saikatsg•1m ago•0 comments

wireplug.org – roaming and NAT traversal for WireGuard, written in Rust

https://wireplug.org
1•alpn•2m ago•0 comments

Show HN: Nous – give GTM agents one context graph across your tools

https://github.com/NousC/opennous
2•sethiaakash04•4m ago•2 comments

Inkling Benchmark Results

https://artificialanalysis.ai/articles/thinking-machines-has-released-inkling-the-new-leading-u-s...
1•theanonymousone•4m ago•0 comments

Cosmic DE's First Seven Months

https://system76.com/blog/post/cosmic-de-first-seven-months
2•speckx•4m ago•0 comments

Why opposite sides of a debate share the same mistake

https://www.thesignalist.io/s/under-the-same-umbrella/
1•kodesko•6m ago•0 comments

Show HN: QBasic Gorillas (Repeeled)

https://gameswithtony.com/gorillas/
1•TonyAlicea10•6m ago•0 comments

Kimi K3 is live on kimi code

https://twitter.com/i/status/2077751108114551034
3•poorvsahu•6m ago•0 comments

US-style tipping culture came to London

https://www.londoncentric.media/p/how-us-style-tipping-culture-came
2•BerislavLopac•6m ago•0 comments

Show HN: Algotrek – Algorithms visualized, problem shape shifting and a tutor

https://app.algotrek.io
1•nyggy•7m ago•0 comments

Show HN: I built a Clojure runtime on top of Chez Scheme

https://yogthos.net/posts/2026-07-02-jolt.html
1•yogthos•9m ago•0 comments

Show HN: Ramsford – AI butler for travel, cruise planning, and daily tasks

https://ramsford.ai/
1•ramsford1000•9m ago•0 comments

Eric S. Raymond take on AI

https://twitter.com/esrtweet/status/2074889702381953222
2•lobo_tuerto•10m ago•0 comments

Reading a 3k-Year-Old Poem (Odyssey) to a 3-Year-Old Boy

https://www.theatlantic.com/family/2026/07/odyssey-read-father-son/687914/
1•theanonymousone•11m ago•0 comments

A Short History of Cinema(2020)

https://www.scienceandmediamuseum.org.uk/objects-and-stories/very-short-history-of-cinema
1•hopelessluca•12m ago•0 comments

Why a model that explains 95% of variance only compresses 18%

https://thefarsightedzipper.substack.com/p/lossy-vs-lossless-how-the-compression
2•alessino•12m ago•0 comments

Kimi K3 to beat Opus 4.8

https://twitter.com/zijing_wu/status/2077699476194771064
2•WithinReason•13m ago•0 comments

Show HN: I've built tldraw for HTML and Markdown pages (with encryption)

https://pastehex.dev/
1•pandrre•14m ago•0 comments

Starlink from 1984 – By Nemanja Trifunovic

https://nemanjatrifunovic.substack.com/p/starlink-from-1984
1•rbanffy•15m ago•0 comments

Will there be any more bugs to find after AI has fixed them all?

https://insertchaos.bearblog.dev/when-ai-has-fixed-all-the-bugs/
2•snorbleck•16m ago•0 comments

Show HN: An MCP server that frames screen recordings and shots in Apple bezels

https://github.com/cwooddgr/bezelbub/tree/main/bezelbub-mcp
2•igneous_rocker•19m ago•1 comments

Show HN: Termaxa – I found my AI-agent gate had silently stopped gating Cursor

https://github.com/termaxa/termaxa
1•devdoc83•19m ago•1 comments

Should you be paying to get insights of your own money?

https://cardneuro.com/
1•AmiPatel•20m ago•0 comments

AI agents write PostgreSQL like Python

https://vvka-141.github.io/pgmi/articles/ai-agents-write-postgresql-like-python/
1•aevlampiev•20m ago•0 comments

Eli Lilly to buy psychedelics maker AtaiBeckley for $2.8B

https://www.cnbc.com/2026/07/16/eli-lilly-to-buy-psychedelics-maker-ataibeckley-2point8-billion.html
2•ulrikrasmussen•20m ago•0 comments

Compatibility regressions with anti-tampering SDKs used by apps are resolved

https://discuss.grapheneos.org/d/40383-compatibility-regressions-with-anti-tampering-sdks-used-by...
1•Cider9986•20m ago•0 comments

The $110/month self-improving pipeline

https://andywidjaja.com/blog/110-pipeline
1•digitallogic•21m ago•0 comments

Show HN: A Python script that parses sheet music and plays it on a drum machine

https://hankthemason.com/projects/fugue-for-my-drum-machine
1•hankthemason•21m ago•0 comments