Wim Bertels <wim.bertels@xxxxxxxxxxx> writes: > the sourcecode of a md5 collision generator has been released, > it takes about 45 minutes to generate. > ..so to an "eve" with this knowledge md5 is almost the same as plain text.. Really? The fact that you can construct pairs of strings with matching md5 hashes does not mean that you can find a string with the same md5 hash as a given string. The existence of this algorithm is disturbing, since it implies that MD5 is weaker than people thought, but it IS NOT a useful password cracker, and there's no reason for immediate panic. regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@xxxxxxxxxxxxxx so that your message can get through to the mailing list cleanly