frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Are Your Passwords in the Green? (2025)

https://www.hivesystems.com/blog/are-your-passwords-in-the-green
1•kemotep•1y ago

Comments

kemotep•1y ago
With NIST finally updating their standards to recommend 15 character password minimums last, I like to use their recommendations and compare them to these charts show how effective such a password would be.

Using E = L x log2(R), where E is entropy, L is number of characters in the password (15), and R is the total number of possible characters used (26 for all lowercase letters), you can get ~70 bits of entropy. Using a password manager like Bitwarden for a 15 character password using the full character set minus the ambiguous characters (65 characters total) leads to ~90 bits of entropy.

Using these charts and figures from the article, a well configured bcrypt setup means even the fastest computer systems still in 2025 cap out at 1 billion hashes per second for offline cracking (without getting into Nation States spending billions on just cracking your passwords, or dedicating all the world’s supercomputers or some other speculations). So to calculate how long it would take with a “realistic” password cracker in 2025, would use this formula:

((((((2^(70-1))/ 1 billion hashes per second)/ 60 seconds)/ 60 minutes)/ 24 hours)/ 365 days) to get ~18,700 years. (Nearly 20 billion years for the Bitwarden generated one)

But without a password filter checking for known bad passwords somewhere like Have I Been Pwned, even a 30 character password that has been leaked is useless. Would be instantly “cracked”. So I personally would have the password policy be:

1. 15 character minimum, no composition rules.

2. All passwords filtered for known bad passwords against HIBP.

3. Accounts protected by MFA.

4. Combination of network controls, best practices security configurations, and alerts and monitoring to help detect and limit/eliminate password guessing attacks, password database dumps.

Closing a three-year-old issue using Rust arenas

https://giacomocavalieri.me/writing/gleam-rust-arenas
1•ryantsuji•11m ago•0 comments

The great (fire)wall: the technical details behind how China's internet works

https://kylejeong.com/blog/great-firewall
1•Kylejeong21•11m ago•0 comments

Embedcache – Cut embedding API costs by caching redundant requests

https://github.com/Ajay6601/embedcache
1•Ajay3043•12m ago•0 comments

Show HN: Whop Downloader – Bulk save videos from Whop in one click

https://chromewebstore.google.com/detail/whop-downloader/lfnmkoipepgcllbonheeogljjgcjhjaa
1•qwikhost•12m ago•0 comments

Llambda.lisp

http://funcall.blogspot.com/2026/07/llambdalisp.html
2•lemonberry•13m ago•0 comments

Gameboy is back ( no signup)

https://gb.omniiii.com/
2•djxjxjcjcjc•15m ago•0 comments

MacKenzie Scott's Giving, in Quality-Adjusted Life Years (QALYs)

https://maxghenis.com/mackenzie-scott-qaly/
4•383toast•23m ago•1 comments

Performant C/CUDA inference engine for Qwen 3.6 35B on RTX 5090 / Blackwell

https://github.com/ambud/q36
2•ambuds•28m ago•0 comments

Claude Code Usage Global Leaderboard

https://www.claudeusage.com
2•bazarkua•28m ago•0 comments

Apple's "Thermonuclear" Response to OpenAI's Threat

https://www.wsj.com/tech/ai/apples-thermonuclear-response-to-the-openai-threat-8d51c814
4•mful•30m ago•0 comments

Tacit Knowledge

https://en.wikipedia.org/wiki/Tacit_knowledge
9•chistev•30m ago•0 comments

Show HN: Let your coding agent iterate by seeing the browser

https://github.com/puffinsoft/peek-cli
5•G3819•33m ago•0 comments

Quintile – keyboard N×M grid tiling for macOS

https://github.com/stefanopineda/quintile
2•stefanopineda•34m ago•0 comments

Universal Learning of Nonlinear Dynamics

https://arxiv.org/abs/2508.11990
2•E-Reverance•34m ago•0 comments

Collections: How to Polis, 101, Part I: Component Parts

https://acoup.blog/2023/03/10/collections-how-to-polis-101-part-i-component-parts/
2•vinnyglennon•36m ago•0 comments

Matthew Effect

https://en.wikipedia.org/wiki/Matthew_effect
5•chistev•36m ago•0 comments

Nuts News

https://news.nuts.services/
3•kordlessagain•45m ago•0 comments

Australia Tops Claude Usage

https://www.forbes.com.au/news/innovation/australia-is-the-worlds-biggest-claude-user-now-anthrop...
3•ishanz•51m ago•0 comments

AI's Biggest Unlock Isn't Productivity. It's Access to Expertise

https://diviv.substack.com/p/ais-biggest-unlock-isnt-productivity
7•divi_vijay•51m ago•0 comments

Mushroom trip: a mycologist's tour of the Tarkine

https://www.theguardian.com/science/ng-interactive/2026/jul/13/mushroom-trip-a-mycologists-tour-o...
2•Anon84•52m ago•0 comments

Sam Altman and Elon Musk Argue over Who's Running the Bigger Scam

https://daringfireball.net/linked/2026/07/12/altman-musk
10•MaysonL•53m ago•1 comments

Quantum Mechanics May Not Need Imaginary Numbers After All

https://scitechdaily.com/quantum-mechanics-may-not-need-imaginary-numbers-after-all/
2•westurner•55m ago•0 comments

Billion Dollar PDFs

https://billiondollarpdf.com/
16•rafaepta•55m ago•0 comments

OneDev AI: Coding Agents as Teammates in Issues, Pull Requests, and CI

https://onedev.io/blogs/ai-teammates
3•timplant•57m ago•0 comments

Student's £30 device 'translates in real time'

https://www.bbc.com/news/articles/ced47540de2o
4•jethronethro•57m ago•0 comments

Circular Obstacle Pathfinding (2017)

https://redblobgames.github.io/circular-obstacle-pathfinding/
4•andsoitis•58m ago•0 comments

Deployment is All You Need: The case for deployment engineering

https://cephos.substack.com/p/deployment-is-all-you-need
3•ism-cep•1h ago•0 comments

Show HN: WA State Tolls tool that shows the best time to take it to save money

https://watolls.danielsada.tech/
2•dshacker•1h ago•0 comments

Micro-JavaScript: A pure Python JavaScript engine, inspired by MicroQuickJS

https://github.com/simonw/micro-javascript
2•nz•1h ago•0 comments

Rashidieh

https://en.wikipedia.org/wiki/Rashidieh
4•vinnyglennon•1h ago•0 comments