Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

MD5 is 'fine' for very long passwords. How many of your users have very long passwords? MD5 does nothing to make it hard to blaze through billions of possibilities.


Theoretically and even practically, MD5 has other issues. It susceptible to collisions:

http://www.mscs.dal.ca/~selinger/md5collision/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: