Just to clarify Rick, the MD5 is not strictly speaking an encryption algorithm. It's a hashing algorithm, hashes by their very nature are intended to be one way and destructive.
There are only a finite number of possible results of the MD5 hash, which is how people have constructed tools to "decrypt" the hash, but what they are really doing is simply trying to create a massive repository of "possible" decryptions from the hash. Think of this scenario, since there is a finite (albeit very large) pool of possible hash results - there are an infinite number of strings that could generate the same hash result. So you can't REALLY decrypt a hash back to it's original string, just any known string that creates that hash. Not a real example, but to illustrate the point Your super secret password: password1234 = MD5 hash bdc87b9c894da5168059e00ebffb9077 That Hash may also be the preamble to the consitiution... =] On Thu, Mar 12, 2015 at 8:03 AM, Russ Michaels <r...@michaels.me.uk> wrote: > > Brute forcing MD5 hashes is really only going to work if you are still > using weak passwords to begin with and just hashing them. This then works > in exactly the same way as a brute force dictionary attack on a plain > password, except they try the hashed version of the same password. > You should always allow strong passwords and pass phrases, sadly so many > sites still do not do this. > > > On Thu, Mar 12, 2015 at 2:43 PM, Byron Mann <byronos...@gmail.com> wrote: > > > > > Just for reference. Here's a pretty good article on how to hash properly. > > > > https://crackstation.net/hashing-security.htm > > > > Hashing is often done incorrectly, even if it's being salted you never > want > > to use the same salt across the board. Simple thing is, compute power is > so > > available, brute forcing MD5 hashes is fairly easy these days. I wouldn't > > even recommend using MD5 for anything secure like a hash of a password. > > Stick to that for simple things like file compares, etc. > > > > Cheers, > > ~Byron > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:360258 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
