You need to know the MD5 hash of the password in the first place and even then it is just luck of the draw, it really isn't that worrying. Just use a password that isn't part of a language?
-------------------------------------------- Bull3t http://www.bull3t.me.uk/ > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:wp-testers- > [EMAIL PROTECTED] On Behalf Of Pål GD > Sent: 21 November 2007 13:45 > To: [email protected] > Subject: Re: [wp-testers] Wordpress Google MD5 hash crack > > Cornell Finch wrote: > > I know this probably isn't the right place to put this but I don't > > know where else to submit it: > > > > http://www.theregister.co.uk/2007/11/21/google_md5_crack/ > > > > Is this something we should be worried about? > > > > Collin > Yes, indeed. Wordpress should have been doing salting[1], which I don't > think they do. > > [1] http://en.wikipedia.org/wiki/Salting_(cryptography) > _______________________________________________ > wp-testers mailing list > [email protected] > http://lists.automattic.com/mailman/listinfo/wp-testers > > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.503 / Virus Database: 269.16.2/1143 - Release Date: 21/11/2007 > 10:01 > No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.503 / Virus Database: 269.16.2/1143 - Release Date: 21/11/2007 10:01 _______________________________________________ wp-testers mailing list [email protected] http://lists.automattic.com/mailman/listinfo/wp-testers
