On Sun, Feb 01, 2015 at 11:19:52PM -0500, Rich Felker wrote:
> md5 is not better and probably worse than des. You should be using

Looking over phk's comments on retiring md5crypt
(http://phk.freebsd.dk/sagas/md5crypt_eol.html), I note that he says:

  New research has shown that it can be run at a rate close to 1 million
  checks per second on COTS GPU hardware, which means that it is as prone
  to brute-force attacks as the DES based UNIX crypt was back in 1995:
  Any 8 character password can be found in a couple of days.

Given CPU speed, DES is presumably weaker today than it was in 1995.
Is there a reason for assuming that md5crypt is worse?

> bcrypt if the system supports it and otherwise sha256, sha512, or the
> enhanced des support some systems have. These could be tried as
> sequential fallbacks.

That sounds like it would be ideal.

Thanks,
Isaac Dunham
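The sequential fallback suggested in the quoted reply, as an added C example (not code from this thread or from toybox): probe a crypt(3)-style function with one salt per scheme and accept a scheme only if the returned hash carries that scheme's prefix and length. The names `pick_scheme`, `struct scheme`, the probe salts and the two `fake_*` stand-ins are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Same signature as crypt(3); in real use pass the system's crypt(). */
typedef char *(*crypt_fn)(const char *key, const char *salt);
struct scheme { const char *name, *salt, *prefix; size_t min_len; };

/* Preference order from the thread; salts are constructed probe values. */
static const struct scheme schemes[] = {
    { "bcrypt",  "$2b$04$abcdefghijklmnopqrstuu", "$2b$", 60 },
    { "sha256",  "$5$probesalt$",                 "$5$",  50 },
    { "sha512",  "$6$probesalt$",                 "$6$",  90 },
    { "des-ext", "_J9..rasm",                     "_",    20 },
};

/* First scheme this crypt() really implements, or NULL if none does. */
const struct scheme *pick_scheme(crypt_fn do_crypt) {
    for (size_t i = 0; i < sizeof schemes / sizeof *schemes; i++) {
        const struct scheme *s = &schemes[i];
        const char *h = do_crypt("probe", s->salt);
        if (!h) continue;                      /* salt rejected outright */
        if (strncmp(h, s->prefix, strlen(s->prefix)))
            continue;                          /* failure token or silent DES fallback */
        if (strlen(h) < s->min_len) continue;  /* e.g. 13-char DES hash for a "_J" salt */
        return s;
    }
    return NULL;
}

/* Constructed stand-in: a libc that treats every salt as 2-char traditional DES. */
char *fake_des_only(const char *key, const char *salt) {
    static char out[14];
    (void)key;
    snprintf(out, sizeof out, "%.2sXXXXXXXXXXX", salt);
    return out;
}

/* Constructed stand-in: a libc that implements SHA-512 crypt and nothing else. */
char *fake_sha512_only(const char *key, const char *salt) {
    static char out[128];
    (void)key;
    if (strncmp(salt, "$6$", 3)) return NULL;
    snprintf(out, sizeof out, "%s%086d", salt, 0);
    return out;
}

int main(void) {
    const struct scheme *a = pick_scheme(fake_sha512_only), *b = pick_scheme(fake_des_only);
    printf("sha512-only libc: %s\ndes-only libc: %s\n", a ? a->name : "none", b ? b->name : "none");
    return 0;
}
```

The prefix and length checks matter because an implementation that does not know a scheme may fall back to traditional DES on the first two salt characters instead of returning an error.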
