Gadgets & Tech – While doing forensics, I thought it would be interesting to find out the account password. Wordpress stores raw MD5 hashes in the user database (despite my recommendation to use salting). As with any respectable hash function, it is believed to be computationally infeasible to discover the input of MD5 from an output.
md5 was officially cracked not long ago.
http://en.epochtimes.com/news/7-1-11/50336.html
It is still an expensive process to reverse md5s. But there are sites like the below that have a waiting period...
eek
@blainegarrett: From the article you linked to-
Within four years, the U.S. government will cease to use SHA-1 (Secure Hash Algorithm) for digital signatures, and convert to a new and more advanced "hash" algorithm, according to the article "Security Cracked!" from New Scientist . The reason for this change is that associate professor Wang Xiaoyun of Beijing's Tsinghua University and Shandong University of Technology, and her associates, have already cracked SHA-1.
Nice. Cracked today, US government will stop using it.... later.
Not a member? Sign-up today!
hlebzx
inonoysotile
iacupuncture
inatural
iarthritis
agoraxatay
lemooeva
proxwatan
derasticanos
grungeplunge
akadan47
MaryP.Murphy
LyleW.Cortez
ElizabethL.Cloutier
RichardD.Phelan
AmandaN.Tarbox
RichardP.Nathanson
AnnetteK.Hearn
ToddA.Golden
FlorenceJ.Ulrey
STONERS
Shay
_kam0_
MaryLynn_
webtime
Wolfie2007
mazafaka
antecs2
hyartep
Raiderwall
greentoop
dexlovex2
GiorgosK
Aidenag
Wil
youmustagree
corey.spring
Ryan
jonroussel
idyll
capn_caveman
TheAttacks
Alexia
BJTJ
TimALoftis
Deidre
jeremytoday
blainegarrett
Digidave
Jordan
About Propeller | Frequently Asked Questions | Help
© 2003-2008 Propeller. All Rights Reserved. Terms of Use | Privacy Policy
14)
Vote
I just tried this with the MD5 for "test" - check out the results: http://farm3.static.flickr.com/2001/2050503101_...