> >I have to dissapoint you again: MD5 has been broken and can no longer be >considered safe:
But that is nearly completely irrelevant for MD5 password hashing. And even though "DES" is broken, there are no breaks for original UNIX crypt which are faster than brute force (though pre-computing all hashes is probably feasible by now) With MD5 key hashes the keyspace is (much) longer and brute force is still the only option, yet the algorithm takes longer to run and the size of the keyspace makes finding non-trivial passwords much harder. Casper _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
