>>MD5 is also not very secure as there are programs >>that can be found to break this key
>From my understanding, MD5 is a hash, not an encryption. You can't find a program to break it since it irreversible. What you have to do is compare a value that you submit with the MD5 hash, meaning it is possible to have 2 entirely different values match the hash. ______________________ steve oliver atnet solutions, inc. http://www.atnetsolutions.com -----Original Message----- From: Andrew Scott [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 19, 2002 10:24 AM To: CF-Talk Subject: RE: only one MD5 hash? As with any Encryption, it needs a key. Break the key and you can deEncrypt the string. MD5 is also not very secure as there are programs that can be found to break this key, I would think about a 3rd party com object that would be a little bit more secure than MD5.. -----Original Message----- From: Chris Norloff [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 20 February 2002 2:17 AM To: CF-Talk Subject: OT: only one MD5 hash? We're planning to hash user passwords before storing them in the database. We have a Java application server that will also be hashing user's passwords and comparing them to the hashed passwords in the database. We both use the MD5 hash - is there only one version of an MD5 hash? We're testing this now, but I thought I'd ask the question so I can have (maybe) some answers if we get different results with the two hash functions. thanks, Chris Norloff ______________________________________________________________________ Why Share? Dedicated Win 2000 Server � PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation � $99/Month � Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
