Hi All, I've been vaguely aware that more and more effort is going into proving that MD5 isn't secure anymore, but this article in particular - http://www.win.tue.nl/hashclash/rogue-ca/ - has me wondering if MD5 is still safe for storing hashed user passwords? I realise that article is talking about a very different use of an attack on MD5, but I'm curious if other developers are still using MD5, or if another hashing algorithm is considered better? Many thanks for any advice, M is for Murray http://www.ulblog.org
