[lug] MD5 strength?
D. Stimits
stimits at attbi.com
Fri Aug 30 18:48:40 MDT 2002
I am curious, for the MD5 password hash, is this currently considered
strong, or is it easily broken by normal hardware? I have people telling
me that password hash is useless and broken quite easily, and if this is
about old style passwords, I agree...but with MD5, I do not believe that
any real weakness, other than perhaps theoretical, has been found. If
someone uses a buffer overflow attack to email the shadow file, and if
the shadow file is MD5, what kind of difficulty would the attacker have
at cracking non-common passwords (passwords not from a common words,
where it must actually be broken instead of guessed)?
D. Stimits, stimits AT attbi.com
More information about the LUG
mailing list