From: Peter Lind

> On 24 August 2010 15:43, Gary <> wrote:
>> Jan G.B. wrote:
>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>> That means, that different strings can have the same MD5-hash...
> It's worth noting that that essentially does not touch upon whether or
> not MD5 can be considered safe or not as a means to store password
> information. The researchers have discovered ways of crafting inputs
> to easily find colliding hashes - they have not discovered any easy
> means to craft an input that will collide with a given hash.

That's a simple matter of brute force, which can be done once and saved
for instant use later. However, putting a salt into your algorithm
pretty much eliminates the chances of success using that attack.

Bob McConnell

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to