At 4:48 PM +0200 9/5/06, Satyam wrote:
It doesn't matter that MD5 is not secure or that it can be
decripted (which, in fact, it cannot, since it is a one-way code),
Not that you said otherwise.
It's my understanding that while MD5 has cannot be decrypted some
encryption can be cracked by matching matching results. They don't
have to work the code backwards.
For example, if I MD5 "apple" -- it will produces a corresponding
code (1f3870be274f6c49b3e31a0c6728957f). If a cracker has a library
of dictionary hash codes, it's a simple matter to compare all those
hash codes with my code to find a corresponding match, thus exposing
"apple" as the encrypted word.
That's one of the reasons why one shouldn't use a real word as a password.
tedd
PS: I wish my server had php5 for several reasons, including the
crack functions -- fascinating
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
