Re: Lost password + MD5 ?
- From: Volker Hetzer <volker.hetzer@xxxxxxxx>
- Date: Fri, 02 Sep 2005 17:23:44 +0200
Erwin Moller wrote:
I don't want to ruin this party, but if you safe md5(password) you might as well store them plaintext.[...]
MD5 has had its best days. :-(
I also read some smart@ss at slashdot improved on this, and now it can be done on a run-of-the-mill PC in 1 second.
15min is the last estimate I know, but that's a few months old.
So: effectively MD5 is broken. Do not use it.
Depends on what this guys choices are and how much effort an attacker is going to spend on getting a password. a) In a web application you typically deal with the name-of-my-neighbour's-hamster class of passwords (unless it's a bank). For instance, a truly random password of 6 lowercase letters and digits has about 31bit of entropy in it, words something in the 10 to 20bit range. No attacker will attack md5 for this, they run some crack-like guesser and that's it. b) His toolkit may not have anything better to offer, in particular not SHA256.
Also, typically you salt passwords, i.e. combine them with another random string. (frizzle, you *do* that, don't you?) If the attacker doesn't steal the password hashes *and* the random strings he can't do anything. If he can break into your system and steal a file, you've IMHO got a way bigger problem than what hash function you chose.
Lots of Greetings! Volker .
- Follow-Ups:
- Re: Lost password + MD5 ?
- From: frizzle
- Re: Lost password + MD5 ?
- References:
- Lost password + MD5 ?
- From: frizzle
- Re: Lost password + MD5 ?
- From: Alvaro G Vicario
- Re: Lost password + MD5 ?
- From: ijsaunders
- Re: Lost password + MD5 ?
- From: Erwin Moller
- Lost password + MD5 ?
- Prev by Date: Re: Restricting Access and Protecting Code
- Next by Date: Re: [OT]ish - Free Opera Registration
- Previous by thread: Re: Lost password + MD5 ?
- Next by thread: Re: Lost password + MD5 ?
- Index(es):
Relevant Pages
|
|
