Incase you didnt know md5 isnt secure
This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.
-
-
Is there another site w/o popups?Mr.Mike
Author, Programmer, Brewer, Patriot -
Use Firefox..Code
push you ; haha! -
I didnt get any popups and... it doesnt really matter wether or not its got em... The point is i could pull an md5 hash from my database somewhere put it in the little script they have and poof my password pops out. It was bound to happen eventually.- Brian Wight
-
Are you trying to say that we should not use MD5 or that if you use MD5 you can get my password if I put it in? In the later case you could simply record it before hashing it.
These sort of attacks only work if you don't use a salt. The use of a salt means that these lookups are invalid (you should not use a global salt but rather a different salt for each password). If you want an even stronger hash then apply the MD5 algorithm twice. Possibly using a different salt each time (one could be global - preferably the first applied).
The creation of hash collisions to give two items with the same hash is different and a real problem for document/file verification. This is the problem most cryptographers mean when they talk about the vulnerability of the algorithm.Gamma Testing - Where testing is extended to the full user community (AKA Shipping the Program) -
Screw it, I say we all switch to honor system.
-Rez
-
Share
- Facebook 0
- Twitter 0
- Google Plus 0
- Reddit 0