
MD5 password = End of life

Slavik

XenForo moderator
Staff member
#2
The original author of the MD5 password hash algorithm has publicly declared his software end-of-life and is “no longer considered safe” to use on commercial websites.

Continues: http://www.zdnet.com/blog/security/md5-password-scrambler-no-longer-safe/12317

Thoughts? (Doesn't XenForo use MD5 and so does a lot of others?)

XenForo uses SHA.

MD5 has been defunct for years and as each generation of graphics card is released becomes even more so.

I've heard recent rumors of someone benching 4 cards crunching 100 BILLION md5 passwords a second.

In layman's terms, that means an 11 character MD5 password with 3 upper case, 4 lowercase, 2 numbers and 2 special characters can be brute-force cracked in under 2 hours.
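A small calculator, added here and not part of Slavik's post or of XenForo, for turning a guess rate into a worst-case time to exhaust a password policy. It covers the 11-character composition rule quoted above and, more generally, any class mix or any free-form length. The two guess rates are constructed assumptions (1e11 MD5/s for a GPU rig, as quoted in the thread, and 1e4/s for a deliberately slow hash); plug in your own benchmarks.

```python
# Added example (not from the thread or XenForo): estimate how long an exhaustive
# search of a password policy takes at a given guess rate. All rates used below
# are constructed assumptions; substitute benchmarks for your own hardware.
import math

# Printable-ASCII character classes (33 punctuation/symbol characters, space excluded).
CLASS_SIZES = {"upper": 26, "lower": 26, "digit": 10, "special": 33}


def keyspace_for_policy(n_upper, n_lower, n_digit, n_special):
    """Distinct passwords with exactly these per-class counts, classes in any order."""
    counts = {"upper": n_upper, "lower": n_lower, "digit": n_digit, "special": n_special}
    length = sum(counts.values())
    # Ways to lay the class slots out along the string (multinomial coefficient) ...
    arrangements = math.factorial(length)
    for c in counts.values():
        arrangements //= math.factorial(c)
    # ... times the number of ways to fill each slot from its own class.
    space = arrangements
    for name, c in counts.items():
        space *= CLASS_SIZES[name] ** c
    return space


def keyspace_unconstrained(length, alphabet=95):
    """Any printable-ASCII password of exactly this length (no composition rule)."""
    return alphabet ** length


def seconds_to_exhaust(keyspace, guesses_per_second):
    """Worst-case time to try every candidate; the expected time is half of this."""
    return keyspace / guesses_per_second


def humanize(seconds):
    """Round a duration to the largest convenient unit."""
    units = (("years", 365 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return "%.1f %s" % (seconds / size, unit)
    return "%.1f seconds" % seconds


if __name__ == "__main__":
    # Constructed rates: 1e11/s for MD5 on a multi-GPU rig (the figure quoted in
    # the thread), 1e4/s for a GPU-hostile hash such as bcrypt at a high cost.
    rates = {"MD5 on 4 GPUs (assumed)": 1e11, "slow KDF (assumed)": 1e4}
    policy = keyspace_for_policy(3, 4, 2, 2)   # the 11-character policy from the post
    free = keyspace_unconstrained(11)          # any 11 printable characters
    for label, rate in rates.items():
        print("%-26s policy: %-14s free-form: %s" % (
            label,
            humanize(seconds_to_exhaust(policy, rate)),
            humanize(seconds_to_exhaust(free, rate))))
```

Two things worth noticing when you run it: the per-guess cost of the hash, not the password policy, is what moves the answer by orders of magnitude, and a rigid composition rule ("exactly 3 upper, 4 lower, 2 digits, 2 symbols") makes the space noticeably smaller than "any 11 printable characters", because an attacker who knows the rule only tries strings that satisfy it.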

Robbo

Well-known member
#7
MD5 and many of the current password hashing techniques have been insecure for a long time. Salts also only protect against rainbow tables which are rendered pointless due to current GPU processing power.

If someone got your hash and your password wasn't long and cryptic and they knew what you were doing then they would be able to crack it fairly fast.

Robbo

Well-known member
#9
Exactly. But no one should rely on a hash being a last line of defence anymore. It is simply an inconvenience. Unless you use a new hashing method which for now can be safe.
XenForo hashing is also insecure.
http://www.codinghorror.com/blog/2012/04/speed-hashing.html

Use bcrypt or PBKDF2 exclusively to hash anything you need to be secure. These new hashes were specifically designed to be difficult to implement on GPUs. Do not use any other form of hash. Almost every other popular hashing scheme is vulnerable to brute forcing by arrays of commodity GPUs, which only get faster and more parallel and easier to program for every year.

Naatan

Well-known member
#12
MD5 and many of the current password hashing techniques have been insecure for a long time. Salts also only protect against rainbow tables which are rendered pointless due to current GPU processing power.

If someone got your hash and your password wasn't long and cryptic and they knew what you were doing then they would be able to crack it fairly fast.

To be clear, they will be able to calculate a string that hashes to the same value as your password. It's unlikely that they will crack your actual password and impossible if a salt was used.

Anything can be brute-forced over time; these days it's more important simply to ensure they won't be able to crack your actual password, because obviously the hacker already had access to the database so they have absolutely no use whatsoever for brute-forcing a string that matches the same hash as your actual password (for that particular site).
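To make the advice in Robbo's quoted Coding Horror excerpt (use bcrypt or PBKDF2) and the salt discussion above concrete, here is an added example, not XenForo's code and not from anyone in the thread, of a salted, iterated password hash built on the Python standard library's PBKDF2-HMAC, with a constant-time verify, placed beside the single unsalted MD5 pass the thread warns against. The iteration count, the record format and the sample passwords are constructed; the timing helper reports a single-core rate on whatever machine runs it.

```python
# Added example (not XenForo's code): salted, iterated password hashing with
# PBKDF2-HMAC-SHA256 and a constant-time verify, next to unsalted MD5 for
# comparison. The record layout and iteration count are constructed choices.
import base64
import hashlib
import hmac
import os
import time

ALGO = "sha256"
ITERATIONS = 200_000   # assumption: tune so one hash costs tens of milliseconds on your server


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return a self-describing record: pbkdf2_<algo>$<iters>$<salt b64>$<digest b64>."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per password: no shared precomputed table
    digest = hashlib.pbkdf2_hmac(ALGO, password.encode("utf-8"), salt, iterations)
    return "pbkdf2_%s$%d$%s$%s" % (
        ALGO, iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    )


def verify_password(password, stored):
    """Recompute with the stored salt and parameters, then compare in constant time."""
    try:
        scheme, iters, salt_b64, digest_b64 = stored.split("$")
        if not scheme.startswith("pbkdf2_"):
            return False
        algo = scheme[len("pbkdf2_"):]
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
        candidate = hashlib.pbkdf2_hmac(algo, password.encode("utf-8"), salt, int(iters))
    except ValueError:  # malformed record or unknown algorithm (binascii.Error is a ValueError)
        return False
    return hmac.compare_digest(candidate, expected)


def legacy_md5(password):
    """Unsalted single-pass MD5: identical passwords give identical hashes site-wide."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def guesses_per_second(hash_fn, seconds=0.25):
    """Rough single-core guess rate for a hash function (machine-dependent)."""
    n, start = 0, time.perf_counter()
    while time.perf_counter() - start < seconds:
        hash_fn("candidate-%d" % n)
        n += 1
    return n / (time.perf_counter() - start)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print("stored:       ", record)
    print("verify right: ", verify_password("correct horse battery staple", record))
    print("verify wrong: ", verify_password("Tr0ub4dor&3", record))
    # Same password for two users: different salts give different records,
    # so one cracked record says nothing about the other.
    print("salted twice equal?", hash_password("hunter2") == hash_password("hunter2"))
    print("md5 twice equal?   ", legacy_md5("hunter2") == legacy_md5("hunter2"))
    md5_rate = guesses_per_second(legacy_md5)
    kdf_rate = guesses_per_second(lambda p: hash_password(p, salt=b"\x00" * 16))
    print("per-guess cost ratio on this CPU: about %.0fx" % (md5_rate / kdf_rate))
```

The salt is stored in the clear next to the digest; it is not a secret. Its job is to make every stored hash a separate brute-force problem, so a table computed once cannot be reused across users or sites. The iteration count is what raises the cost of each guess, and storing it in the record lets you raise it later for new or re-hashed passwords without breaking verification of old ones.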