Jump to content

Recommended Posts

Hi,

so it's not really a coding question but md5 got me a bit worried. I just learned about it and I was wondering what would stop someone to create a table with each encryption possibe from 0 to 15 characters and save it in a table.  Then if he finds a md5-encrypted password he can then translate it via his table assuming that the original password  is 15 characters or less. Is that right ? that freaks me out a bit tbh.

Edited by activee
Link to comment
https://forums.phpfreaks.com/topic/280988-md5-encryption/
Share on other sites

Easiest way - don't use MD5.  Rainbow tables are readily available for this and the lower level SHA encryptions as well.  Even with MD5, you should always apply a SALT to whatever you are hashing, a good SALT will increase the security of any hash significantly.

Link to comment
https://forums.phpfreaks.com/topic/280988-md5-encryption/#findComment-1444126
Share on other sites

Read through this thread: How to safely store passwords for some details about hashing, rainbow tables, salts, etc. That should give you a lot of good info to start with. The short answer to your questions though:

what would stop someone to create a table with each encryption possibe from 0 to 15 characters and save it in a table.

Then if he finds a md5-encrypted password he can then translate it via his table assuming that the original password  is 15 characters or less. Is that right?

The value found may or may not be the original password, but if it results in the same hash then it will work just as well. Two values resulting in the same hash is possible, and is known as a collision.

 

On a side note, MD5 is not encryption, it is a hash. Something that has been encrypted can be readily decrypted. That is not possible with MD5 and other hashing algorithms. As such, do not reference things as being MD5-encrypted, use md5-hashed or similar.

Link to comment
https://forums.phpfreaks.com/topic/280988-md5-encryption/#findComment-1444213
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.