frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Rss.chat

http://scripting.com/2026/07/10/161133.html
1•jjordan•52s ago•0 comments

I Am Offgrid Now

https://blog.freira.dev/@mateusfreira-2026-06-07-i-am-fully-off-grid-now/
1•speckx•3m ago•0 comments

Russia hacks doorbell cameras to spy on NATO bases

https://www.telegraph.co.uk/world-news/2026/07/10/russia-hacks-doorbell-cameras-to-spy-on-nato-ba...
1•jacquesm•3m ago•1 comments

How Millions of Americans Got Tricked into Using a Bank That Isn't a Bank [video]

https://www.youtube.com/watch?v=hiE7NvONU5U
1•dataflow•4m ago•0 comments

US states are seeking $1.4T in penalties in August youth safety trial

https://www.reuters.com/business/meta-says-us-states-are-seeking-14-trillion-penalties-august-you...
1•dotcoma•5m ago•1 comments

Mythic Beasts: Human support requires human queries

https://www.mythic-beasts.com/blog/2026/07/03/human-support-requires-human-queries/
1•happosai•5m ago•0 comments

Show HN: E– – a language you dial between English and Python

https://github.com/frmoded/e--
1•OdedF•6m ago•1 comments

What is Hassha Merodii? Why every train station in Japan has its own melody

https://www.indulgexpress.com/travel/2026/Jul/02/what-is-hassha-merodii-why-every-train-station-i...
1•momentmaker•6m ago•0 comments

Long March 10B

https://en.wikipedia.org/wiki/Long_March_10B
1•sim04ful•6m ago•0 comments

Torque2D 4.0 Early Access 3

https://github.com/TorqueGameEngines/Torque2D/releases/tag/v4.0-ea3
1•klaussilveira•7m ago•0 comments

Chattocorp/chatto: A good chat application that you can self-host

https://github.com/chattocorp/chatto
1•aiNohY6g•7m ago•0 comments

Former GitHub CEO launches competitor designed for the age of vibe coding

https://www.theregister.com/ai-and-ml/2026/07/08/former-github-ceo-launches-competitor-designed-f...
1•galaxyLogic•8m ago•2 comments

Materials innovation has a scale-up problem, not discovery

https://www.atomscale.ai/updates/our-thesis-atom-to-scale
2•groznyj•10m ago•0 comments

Tech workers in 2026: a workforce splitting in two

https://www.lennysnewsletter.com/p/how-tech-workers-are-feeling-in-2026
2•samspenc•12m ago•0 comments

Trace: Stripe Radar for autonomous AI agents (Sybil fraud reduced by 86%)

https://trace-api-ixv6o.ondigitalocean.app/api/portal/webhook
2•nikunjkaushik20•13m ago•0 comments

Inviting Hard Questions

https://www.anthropic.com/news/hard-questions
1•yurivish•14m ago•0 comments

Would you use an app that picks your best card based on where you're?

https://cardneuro.com/
1•AmiPatel•15m ago•1 comments

Father fixes dead RTX 3070 with a jerry-rigged capacitor from an old radio

https://www.tomshardware.com/pc-components/gpus/ingenious-father-fixes-dead-rtx-3070-with-a-jerry...
1•speckx•15m ago•0 comments

Fresh: A powerful terminal text editor and IDE

https://getfresh.dev/
1•thunderbong•20m ago•0 comments

An orbiting disco ball gave Einstein's theory its most precise test yet

https://arstechnica.com/science/2026/07/an-orbiting-disco-ball-gave-einsteins-theory-its-most-pre...
1•lisper•22m ago•0 comments

He Wanted to Track Microplastics in the Sea. The EPA Fired Him

https://www.nytimes.com/2026/07/10/climate/fish-farm-microplastics-maha-epa-firing.html
3•zzzeek•22m ago•1 comments

Show HN: Local Motion – Use Cursor Agents and Chat with a Local LLM

https://github.com/mattmireles/local-motion
1•MediaSquirrel•24m ago•0 comments

Oneko

https://github.com/glreno/oneko
2•soupspaces•24m ago•0 comments

How the Terrorist Group Boko Haram Uses Frontier AI

https://casp.ac/reports/ai-enabled-terrorism
8•imustachyou•25m ago•1 comments

The Upgrade That Made My AI Agent Worse

https://medium.com/@alanscottencinas/the-upgrade-that-made-my-ai-agent-worse-610fa6ebe2d4
1•encinas88•25m ago•0 comments

What are the AI folks up to these days?

https://12gramsofcarbon.com/p/agentics-what-are-the-ai-folks-up
1•theahura•25m ago•0 comments

The end of consumer AI winter

https://jonready.com/blog/posts/the-end-of-consumer-ai-winter.html
2•mips_avatar•27m ago•1 comments

Commenting on the semi-annual reporting comment letters

https://www.businesslawprofessors.com/2026/07/commenting-on-the-comment-letters/
1•petethomas•32m ago•0 comments

Native SDK – Toolkit for building native desktop apps

https://native-sdk.dev/
2•gempir•32m ago•0 comments

45% of Enthusiasts 'Seriously Considering' Leaving Sony for PC

https://www.pushsquare.com/news/2026/07/ps5-has-put-a-dampener-on-gaming-45percent-of-enthusiasts...
4•speckx•33m ago•0 comments