08-31-2009, 02:00 PM
|
#9 (permalink)
|
|
Wizard
Join Date: Sep 2007
Posts: 1,299
Thanks: 17
|
Quote:
Originally Posted by eStrategy
Fair point  I reasoned that in most cases the MD5 output would be a lot longer and therefore more complex then the input string, for example a 6 char password vs an MD5 string. |
Always do hash your password inputs, but don't go crazy with it. MD5 and SHA1 both have been considered insecure for years now by the government. They both have high collision rates on top of that. Although SHA1 has not yet been cracked.
Rainbow tables can us used against either one easily, but even a simple salt makes those useless. |
|
|
|