MD5 is a hasing algorithm.. one-way.. really only good for checking known values and keeping them 'private', like storing passwords in a database. That way, if someone breaks into your database, they don't get the passwords, only the non-reversible MD5 hashes of the passwords. To check a user's login credentials, you take the database value for password and you compare it to md5($password) that the user entered and see if they match. So the fact that MD5 is a well known algorithm doesn't really make a difference as far as security goes. Then again, RSA, Blowfish, etc are well known algorithms and are considered at least fairly secure too.. and are reversible. -TG = = = Original message = = = Hi, Does md5 really offer much in terms of protection? The algorithm is really well known. I would like to hear your thoughts and poosible alternatives (mcrypt?) R. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ___________________________________________________________ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
