Results 1 to 7 of 7

Thread: [Resolved] ?? vs md5()

  1. #1

    Thread Starter
    Stuck in the 80s The Hobo's Avatar
    Join Date
    Jul 2001
    Location
    Michigan
    Posts
    7,256

    [Resolved] ?? vs md5()

    Is there any other type of encryption, besides md5()?

    I have a guy using one of my scripts that's paranoid someone will crack his password and insists that md5() is easy to crack (although he hasn't shown me proof).

    So what are your thoughts? What do you use?
    Last edited by The Hobo; Jun 22nd, 2003 at 01:38 PM.
    My evil laugh has a squeak in it.

    kristopherwilson.com

  2. #2
    Addicted Member TheGoldenShogun's Avatar
    Join Date
    Mar 2001
    Location
    VA/MD... anywhere around the beltway
    Posts
    236
    PASSWORD() is another level of encryption, dont think its better than MD5 though.

  3. #3

    Thread Starter
    Stuck in the 80s The Hobo's Avatar
    Join Date
    Jul 2001
    Location
    Michigan
    Posts
    7,256
    The folks over at GalahTech gave me few ideas.
    My evil laugh has a squeak in it.

    kristopherwilson.com

  4. #4
    Frenzied Member
    Join Date
    Nov 1999
    Posts
    1,337
    please share, if you don't use salt or md5() what other choices do you have unless you make your own.

    and besides I never heard anybody crack md5() as it is one way only. 128bit is like 100+ years to crack.

  5. #5

    Thread Starter
    Stuck in the 80s The Hobo's Avatar
    Join Date
    Jul 2001
    Location
    Michigan
    Posts
    7,256
    They suggested something along the lines of:

    Code:
    function passenc($password) {
        $password .= "jk4swq1";
    
        $password = md5(md5($password));
    
        return $password;
    }
    Or something.
    My evil laugh has a squeak in it.

    kristopherwilson.com

  6. #6

    Thread Starter
    Stuck in the 80s The Hobo's Avatar
    Join Date
    Jul 2001
    Location
    Michigan
    Posts
    7,256
    It is probably a good thing to note that I sent this guy a md5'ed string and told him to tell me what it originally was. I said that if he could crack it and tell me what it said, then I would try to implement stronger encryption in the software.

    He hasn't responded to me yet, and that was a few weeks ago. So it's likely that he's full of it.
    My evil laugh has a squeak in it.

    kristopherwilson.com

  7. #7
    Frenzied Member
    Join Date
    Nov 1999
    Posts
    1,337
    doing a double md5() pretty sneeky

    it even says in the manual that md5() is one way only. I do believe you are right, that guy is full of it, and it isn't php

    show him the manual where it says that.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width