sanitation@lemmy.today to Privacy@lemmy.dbzer0.com · 10 hours ago60% of MD5 password hashes are crackable in under an hourwww.theregister.comexternal-linkmessage-square18linkfedilinkarrow-up149arrow-down13cross-posted to: cybersecurity@sh.itjust.works
arrow-up146arrow-down1external-link60% of MD5 password hashes are crackable in under an hourwww.theregister.comsanitation@lemmy.today to Privacy@lemmy.dbzer0.com · 10 hours agomessage-square18linkfedilinkcross-posted to: cybersecurity@sh.itjust.works
minus-squaree0qdk@reddthat.comlinkfedilinkarrow-up11·9 hours agoYep, salt. Also, there are much better options than MD5. I used bcrypt in systems I built a while back. There’s also scrypt and argon2, which are newer. (Just be careful that you don’t create a DoS vulnerability while hardening your login system…)
minus-squarekingofras@lemmy.worldlinkfedilinkarrow-up1·4 hours agoYou sound very salty for someone this knowledgeable.
minus-squarekmartburrito@lemmy.worldlinkfedilinkarrow-up7·9 hours agoYep, and md5 is only used by many because it’s so fast. Cutting corners for speed’s sake is always going to come with a penalty somewhere.
minus-squaregravitas_deficiency@sh.itjust.workslinkfedilinkEnglisharrow-up1·1 hour agoAnd, you know, checksums, which MD5 is honestly great for
Yep, salt. Also, there are much better options than MD5. I used bcrypt in systems I built a while back. There’s also scrypt and argon2, which are newer. (Just be careful that you don’t create a DoS vulnerability while hardening your login system…)
You sound very salty for someone this knowledgeable.
Yep, and md5 is only used by many because it’s so fast. Cutting corners for speed’s sake is always going to come with a penalty somewhere.
And, you know, checksums, which MD5 is honestly great for