Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I understand that passwords should be encrypted in databases to protect them from hackers and people with bad intentions. But MD5 was renewed in 2005. Since then, hackers found the inverse hash function and a lot of website can easily crack the MD5 hashed key, for example md5this.com which was one of the first suggested on google.
Shouldn’t each web developper create their own hash functions so that the hackers can’t retrieve the password if they get access to the database ?
You shouldn’t use MD5 hash for that reason anymore.
It provides some security just not enough to matter.
Each web developer should, but they don’t have the time usually so sha1 usually does the trick…
Sha1 is susceptible to a brute force attack, but it would be very time consuming for most developers to come up with their own encryption pattern that isn’t susceptible to brute force attacks.
Is SHA-1 secure for password storage?