MD5 creator: "[MD5] no longer considered safe”

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
User avatar
twinedev
Forum Regular
Posts: 984
Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio

MD5 creator: "[MD5] no longer considered safe”

Post by twinedev »

While is has been preached here for a while that MD5 is not a good choice to use for password hashing, it was definitely confirmed:

http://phk.freebsd.dk/sagas/md5crypt_eol.html
As the author of md5crypt, I implore everybody to migrate to a stronger password scrambler without undue delay.
More info: http://www.zdnet.com/blog/security/md5- ... safe/12317 including:
The primary cause [of the decrypting of some of the 6.4 million passwords leaked] is LinkedIn’s failure to properly ’salt’ the hashed passwords using SHA-1 algorithm.
Saw an article this morning that eharmony was also compromised, however didn't catch if they are also being easily decrypted.

-Greg
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: MD5 creator: "[MD5] no longer considered safe”

Post by Celauran »

This simply cannot be mentioned often enough. Thanks for posting this.
User avatar
twinedev
Forum Regular
Posts: 984
Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio

Re: MD5 creator: "[MD5] no longer considered safe”

Post by twinedev »

Add another one to the list.... last.fm
http://www.theverge.com/2012/6/7/307063 ... sword-leak
User avatar
twinedev
Forum Regular
Posts: 984
Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio

Re: MD5 creator: "[MD5] no longer considered safe”

Post by twinedev »

I declare it "(Inter)National Change Your Password Day" LOL
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: MD5 creator: "[MD5] no longer considered safe”

Post by requinix »

As others have mentioned elsewhere, the whole "scrambler" thing bothers me.

Meanwhile SHA-1 is getting towards the end of its lifetime too. Current recommendations are at least SHA-256.
User avatar
greyhoundcode
Forum Regular
Posts: 613
Joined: Mon Feb 11, 2008 4:22 am

Re: MD5 creator: "[MD5] no longer considered safe”

Post by greyhoundcode »

requinix wrote:Current recommendations are at least SHA-256.
Or indeed to move away from such rapidly executing hash functions altogether.
User avatar
twinedev
Forum Regular
Posts: 984
Joined: Tue Sep 28, 2010 11:41 am
Location: Columbus, Ohio

Re: MD5 creator: "[MD5] no longer considered safe”

Post by twinedev »

greyhoundcode wrote:Or indeed to move away from such rapidly executing hash functions altogether.
So then what do you suggest?
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: MD5 creator: "[MD5] no longer considered safe”

Post by Celauran »

bcrypt with a high work factor.
Live24x7
Forum Contributor
Posts: 194
Joined: Sat Nov 19, 2011 9:32 am

Re: MD5 creator: "[MD5] no longer considered safe”

Post by Live24x7 »

Time to get back and closely read:

LOGIN & REGISTRATION Script Tutorial at viewtopic.php?f=28&t=135287
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: MD5 creator: "[MD5] no longer considered safe”

Post by requinix »

carrington01 wrote:I thought MD5 secured and safe. Is it true that it is considered no longer safe??
Yes. And stop spamming.
Post Reply