On 6/5/07, Marko Kreen <[EMAIL PROTECTED]> wrote:
both md5 and sha1 are actually easier to bruteforce than the old DES-based crypt.
If this statement seems weird - the problem is the speed. MD5 and SHA1 are just faster algorithms than des-crypt. And there's nothing wrong with fast general-purpose algorithms, as long their cryptographic properties hold. Starting from 20-30 bytes the bruteforce is really not an option. But if you have under 10 bytes (let be honest - you have 6 bytes...) the speed start to matter, because it is possible on random laptop to simply try all combinations. -- marko ---------------------------(end of broadcast)--------------------------- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq