sci.crypt archive
Re: [Newbie] Advice needed regarding SHA0 SHA1 MD5
Date: Tue Sep 06 2005 - 21:53:19 CEST
Paul Rubin wrote:
> Erwin Moller <since_humans_read_this_I_am_spammed_too_much@spamyourself.com> writes:
>
>>The paper isn't generally available yet. At this point I can't tell if the
>>attack is real, but the paper looks good and this is a reputable research
>>team.
>
>
> It's real and it's been improved some since that announcement.
>
>
>>We just had a discussion on the subject in a PHP-ng (PHP is a
>>scriptinglanguage).
>>We wondered if storing passwords hashed as MD5 was safe.
>
>
> If you have some stored passwords hashed with md5, don't panic,
> they're fine. If you're implementing something new, you're better off
> choosing a more modern hash function.
>
Passwords hashed with MD5 are fine?
Have you been reading the threads about how MD5 can
be effectively reversed under certain circumstances?
Received on Thu Sep 29 21:53:00 2005