On 09/06/11 03:07, Isak Hansen wrote:
> While MD5 is considered broken for certain applications, it's still
> perfectly valid for auth purposes.
MD5 rainbow tables can be calculated quickly using services easily
available to anyone (eg: EC2) and rainbow tables for passwords up to 8
chars have been successfully used in demo and real attacks several times
in the last year. It's looking pretty shakey.
That said, _properly_ _salted_ md5 is still likely to be strong enough
for most people's likely attack scenarios for quite some time to come.
It's only unsalted md5 that's dangerously stupid to use now - and it was
never exactly a good idea.
If you do your own user/password storage with a "users" table in the
database or whatever, make sure you salt the passwords for encryption.
--
Craig Ringer