This is nothing about wicket - its about base security. MD5 is a
hash-algorithm (see: http://en.wikipedia.org/wiki/Md5) which is no more
secure (flaw found 1996) as there are tables to reverse given md5 (from
2003 on) to a valid input
if you need security youre best with SHA at the moment, that has a
greater length than the 128 Bit of MD5 and therefore more non-collision
space - have a look here: http://en.wikipedia.org/wiki/SHA_hash_functions
the implementation is available in java itself have a look at these
examples here:
http://mindprod.com/jgloss/sha1.html
http://o9y.net/archives/2005/11/30/java-string-to-md5-hash/
Best,
Korbinian
Pills schrieb:
Hello,
I've a little question with wicket: I would like to hash my users' passwords
(with md5) to make them unreadable for a human. And I also would like to
hash them before sending them through the network (to avoid the biggest part
of security issues).
Is there a way to achieve this?
Thank you ;)
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]