md5 versus plain texst?

[sangoku]

Hy i read the topic about the md5 insecurity and the collision possibility....

 

And now i have a following question. Is it not MUCH more secure to store the actual password in the DB then the md5 value of it??

 

Because you with it eliminate the collision possibility of the md5 completely.

 

And I am aware of the possibility that someone could break into my DB but if I am dumb enough to let someone access my db, but that is not an issue.

I can always use a 2way encryption to store the data.

[worldcom]

My simple answer for the 'collision' possibility.

When I am storing a password for a user, for example, it is stored with an incremented value as an ID in the database.

Should an MD5 hash of a password match another one, it will NEVER match the combination of the ID value (incremented value) + the hash value.

 

 

[sangoku]

You miss the point by few miles.... i am talking about the security for  md5 versus just storing plain text.....

[dink87522]

No, md5 is defiantly way more secure. I would not want to be a user of your site where you stored passwords in plain text.

[sangoku]

But plain text stored in a encryption has no collisions... while md5 has.