Agree. Here we always have 2 factors to consider: how safe it is and how long it takes to break. If time and cost to break are higher than the good we are trying to protect, we can use what we have.

Carlos Vera
Internet Society Ecuador
www.isoc.org.ec
Follow us @isocec

> On 22/4/2015, at 10:28, Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> wrote:
>
>> On Tue, Apr 21, 2015 at 9:02 PM, Paul Wouters <paul@xxxxxxxxx> wrote:
>>> On Tue, 21 Apr 2015, l.wood@xxxxxxxxxxxx wrote:
>>>
>>> Despite the existence of RFC6151...
>>>
>>> http://www.loginwall.com/Solutions.php
>>
>>
>> 6151 only talks about MD5 Message-Digest and the HMAC-MD5.
>>
>> It does not include "MD5 encryption" :)
>>
>> Paul
>
> For this particular application, MD5 is not the weakest link in the
> chain, nor are the weaknesses in MD5 actually relevant.
>
> I would not use MD5 in any application simply because there are
> alternatives that don't require detailed explanation of why they are
> safe. But I am pretty sure that unless we are talking about machine
> generated passwords, an attack on MD5 is going to have a much higher
> workfactor than brute forcing the password space.