frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Exploiting Root Execution in Claude Cowork's Sandbox

https://www.armadin.com/blog-posts/exploiting-root-execution-in-claude-coworks-sandbox
1•calmseawhale•21s ago•0 comments

Maker Built a Voice Opening Door to Moria (His Garage)

https://www.youtube.com/watch?v=woyvLnyTx0g
1•stephenhumphrey•1m ago•1 comments

Show HN: Open-source sandbox for your product team

1•spacspade•2m ago•0 comments

Fable 5 will default to Opus 4.8 for coding tasks

https://xcancel.com/AnthropicAI/status/2072163884430229756
2•babelfish•2m ago•0 comments

Chasing the OPNsense RCE: The Story Behind My First CVEs

https://hackerask.com/posts/opnsense/
1•HackerAsk•5m ago•0 comments

Show HN: Open-Source Interview Platform

https://github.com/CoderScreen/coderscreen
1•rogutkuba•6m ago•0 comments

Meta's Un-Stable Signature

https://hackerfactor.com/blog/index.php?/archives/1098-Metas-Un-Stable-Signature.html
1•ementally•6m ago•0 comments

Show HN: Trigora – A hosted runtime for event-driven TypeScript workflows

https://trigora.dev
1•hypervs•6m ago•0 comments

Pieces: Social Network for People

https://try.piecesof.me/
1•domo__knows•6m ago•1 comments

Fable Jailbroken Hours After Anthropic Lifted Restrictions

https://twitter.com/elder_plinius/status/2064776322979676227
1•hspeiser•6m ago•0 comments

Animagraffs – How Nuclear Power Works [video]

https://www.youtube.com/watch?v=PRWwXeRIvoI
1•pangratz•7m ago•0 comments

Mortality associated with non-optimal ambient temperatures from 2000 to 2019

https://www.researchgate.net/publication/353058947_Global_regional_and_national_burden_of_mortali...
1•simonebrunozzi•8m ago•0 comments

Show HN: AnalystAIPack – 118 runnable agent skills for malware analysis and RE

https://meltedinhex.com/posts/analyst-ai-pack/
1•sdkhere•10m ago•0 comments

Google Must Pay Nearly $2B to Klarna in Antitrust Case

https://www.wsj.com/tech/google-must-pay-nearly-2-billion-to-klarna-in-antitrust-case-f398d46f
2•fortran77•10m ago•1 comments

Hey GLM 5.2, build me a hypervisor

https://technotes.substack.com/p/hey-glm-52-build-me-a-hypervisor
2•mkagenius•11m ago•0 comments

Show HN: AnalystAIPack – 118 runnable agent skills for malware analysis and RE

https://github.com/meltedinhex/analyst-ai-pack
1•sdkhere•11m ago•0 comments

The Worst Caldecott Winning Books

https://andrewjudson.com/worst-caldecott
1•ajudson•12m ago•0 comments

Why Gemini 3.1 Pro lost money running Andon Café

https://andonlabs.com/blog/why-gemini-lost-money-andon-cafe
1•lukaspetersson•13m ago•1 comments

The Doomsday Organism

https://www.noemamag.com/the-doomsday-organism/
1•johanam•13m ago•0 comments

Open Source Is a Thankless Job

https://old.reddit.com/r/programming/comments/1ukim8j/open_source_is_a_thankless_job_and_i_think_...
1•redbell•13m ago•1 comments

NASA inspector general suggests Boeing's Starliner will now be a decade late

https://arstechnica.com/space/2026/07/nasa-inspector-general-suggests-boeings-starliner-will-now-...
1•ceejayoz•14m ago•0 comments

Are readers generating fiction with AI models?

https://arxiv.org/abs/2606.22748
2•ilamont•16m ago•0 comments

Devin Security Swarm

https://devin.ai/blog/security-swarm-eval/
1•meco•16m ago•0 comments

Wisk, Boeing's air taxi firm, rushed software testing, ex-employee claims

https://www.seattletimes.com/business/boeing-aerospace/wisk-boeings-air-taxi-firm-rushed-software...
1•Jtsummers•19m ago•0 comments

The Website Is Down

https://www.thewebsiteisdown.com/
2•kretaceous•22m ago•0 comments

Tech giants lose $2T in SpaceX's IPO month

https://english.elpais.com/economy-and-business/2026-07-01/tech-giants-lose-2-trillion-in-spacexs...
3•01-_-•23m ago•1 comments

The Regret We Get Wrong

https://jordangrumet.substack.com/p/the-regret-we-get-wrong
1•jader201•23m ago•0 comments

Show HN: Coding Agent Survey – Which coding agents do you use?

https://codingagentsurvey.org/
3•jacobgold•23m ago•3 comments

What do you mean by "Event-Driven"? (2017)

https://martinfowler.com/articles/201701-event-driven.html
1•adletbalzhanov•23m ago•0 comments

Show HN: I Made TS Compiler Graph MCP: 10x Fewer Tokens in Claude Code and Codex

https://github.com/samchon/ttsc/tree/master/packages/graph
1•autobe•27m ago•0 comments